Bluetooth Vulnerability in Linux Kernel Affecting BTUSB Driver
CVE-2025-38641

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 22 August 2025

What is CVE-2025-38641?

A vulnerability was identified in the btusb driver of the Linux kernel's Bluetooth subsystem: the driver did not adequately handle the return value of kmalloc. If the allocation fails, this oversight could lead to a NULL pointer dereference, causing instability and unexpected behavior on systems that use Bluetooth. Apply the latest patches, which ensure proper memory allocation checks are in place, to mitigate the risk of such failures.

Affected Version(s)

Linux 7d70989fcea7f79afe018a7e34d3486406c7a94e < 5029d80bfc30b60ff57c70ccb04e027acb404f6a

Linux 7d70989fcea7f79afe018a7e34d3486406c7a94e

Linux 6.16

Timeline

  • Vulnerability published

  • Vulnerability Reserved
