Linux Kernel Bluetooth EIR Handling Vulnerability Leading to Potential Crashes

Vulnerability

A vulnerability in the Linux kernel's Bluetooth implementation that could lead to crashes has been addressed. The issue arose in the handling of Extended Inquiry Response (EIR) data, specifically within the 'eir_create_adv_data' function. This function could try to include the EIR_FLAGS and EIR_TX_POWER attributes without first verifying that there was sufficient space to accommodate them.

Impact

The vulnerability could cause a crash through a buffer overflow, in which the code tries to write more data than the buffer can hold, potentially leading to memory corruption.
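
The missing space check described above, shown as an added C example (not the kernel's own code): each field is appended only when its length byte, type byte and value all fit in the space that remains. The names eir_append_checked and build_adv_data, the 31-byte buffer and the sample bytes are assumptions made for illustration; EIR_FLAGS (0x01) and EIR_TX_POWER (0x0a) are the standard Bluetooth data type values.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define EIR_FLAGS    0x01  /* data type: Flags */
#define EIR_TX_POWER 0x0a  /* data type: TX Power Level */

/* Append one length/type/value field only if all of it fits.
 * Returns the new used length, or the old one if the field was skipped. */
static size_t eir_append_checked(uint8_t *buf, size_t used, size_t size,
                                 uint8_t type, const uint8_t *data, uint8_t data_len)
{
    size_t need = 2u + data_len;          /* length byte + type byte + value */

    if (data_len > 254 || used > size || size - used < need)
        return used;                      /* no room: skip, never write past size */
    buf[used] = (uint8_t)(data_len + 1);  /* length covers type + value */
    buf[used + 1] = type;
    memcpy(buf + used + 2, data, data_len);
    return used + need;
}

/* Hypothetical builder: copy caller-supplied advertising bytes, then add
 * Flags and TX Power only when space remains. Returns bytes used in buf. */
size_t build_adv_data(uint8_t *buf, size_t size, const uint8_t *inst,
                      size_t inst_len, uint8_t flags, int8_t tx_power)
{
    size_t used = 0;
    uint8_t tx = (uint8_t)tx_power;

    if (inst_len <= size) {               /* the caller's data is checked as well */
        memcpy(buf, inst, inst_len);
        used = inst_len;
    }
    used = eir_append_checked(buf, used, size, EIR_FLAGS, &flags, 1);
    used = eir_append_checked(buf, used, size, EIR_TX_POWER, &tx, 1);
    return used;
}

int main(void)
{
    uint8_t adv[31], inst[28] = {0};      /* constructed filler bytes, not real data */
    return build_adv_data(adv, sizeof(adv), inst, sizeof(inst), 0x06, -4) == 31 ? 0 : 1;
}
```

With 28 bytes already in a 31-byte buffer, the 3-byte Flags field fits exactly and the TX Power field is skipped instead of being written past the end.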

Added: Jul 10, 2025, 8:54 AM
Updated: Jul 10, 2025, 8:54 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.