Linux Kernel Bluetooth Vulnerability in Management Functions
CVE-2025-40213
What is CVE-2025-40213?
A vulnerability in the Linux kernel's Bluetooth management functionalities has been identified, leading to potential crashes. The issue arises in the set_mesh_sync and set_mesh_complete functions due to improper handling of memory operations. Specifically, a stack-out-of-bounds access occurs in set_mesh_sync caused by a flawed declaration of a flexible array, resulting in a memcpy operation exceeding allocated bounds. Additionally, set_mesh_complete is affected by a double list deletion issue that can lead to stability problems. Proper declaration of arrays and improved error handling protocols are required to mitigate these issues and ensure system stability.
Affected Version(s)
Linux d71b98f253b079cbadc83266383f26fe7e9e103b < 5c19daa93d9af29f1f46251b47e1ea66bcc8d679
Linux 302a1f674c00dd5581ab8e493ef44767c5101aab < 1c9aca1787e8395a2c59fef20e914467958969c5
Linux 302a1f674c00dd5581ab8e493ef44767c5101aab