Bluetooth Vulnerability in Linux Kernel Affects Mediatek Devices
CVE-2025-68298

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 16 December 2025

What is CVE-2025-68298?

A vulnerability has been identified in the Linux kernel that affects Mediatek Bluetooth devices. The btusb_mtk_claim_iso_intf() function lacks a NULL check, which can crash the system when interfacing with Bluetooth devices. Specifically, if usb_ifnum_to_if() returns NULL, the code goes on to use the NULL pointer and crashes instead of handling the error. The issue underscores the importance of rigorous pointer handling in driver interfaces to maintain system stability.
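The failure mode described above, reduced to a userspace C model as an added example (not the kernel's code and not the actual patch). The model_* types, claim_unchecked(), claim_checked() and the -ENODEV return value are assumptions made for illustration.

```c
/* Userspace model (constructed) of a lookup-then-claim sequence. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

struct model_intf { int ifnum; int claimed; };
struct model_dev  { struct model_intf *intfs; size_t n; };

/* Same contract the page describes for usb_ifnum_to_if(): returns NULL
 * when the device exposes no interface with the requested number. */
struct model_intf *model_ifnum_to_if(struct model_dev *d, int ifnum)
{
    for (size_t i = 0; i < d->n; i++)
        if (d->intfs[i].ifnum == ifnum)
            return &d->intfs[i];
    return NULL;
}

/* Unchecked shape: uses the lookup result unconditionally. On a device
 * without the interface this dereferences NULL (SIGSEGV in userspace,
 * a crash when the same pattern runs in a driver). */
int claim_unchecked(struct model_dev *d, int ifnum)
{
    struct model_intf *intf = model_ifnum_to_if(d, ifnum);
    intf->claimed = 1;
    return 0;
}

/* Hardened shape: a missing interface is an error path, not a crash.
 * -ENODEV is this model's choice of error code (assumption). */
int claim_checked(struct model_dev *d, int ifnum)
{
    struct model_intf *intf = model_ifnum_to_if(d, ifnum);
    if (!intf)
        return -ENODEV;
    intf->claimed = 1;
    return 0;
}

int main(void)
{
    struct model_intf only[] = { { 0, 0 } };  /* constructed: interface 0 only */
    struct model_dev dev = { only, 1 };
    printf("checked, missing ifnum 2: %d\n", claim_checked(&dev, 2));
    printf("checked, present ifnum 0: %d\n", claim_checked(&dev, 0));
    /* claim_unchecked(&dev, 2) is deliberately not called: it would crash. */
    return 0;
}
```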

Affected Version(s)

Linux 930e1790b99e5839e1af69d2f7fd808f1fba2df9 < 2fa09fe98ca3b114d66285f65f7e108fea131815

Linux e9087e828827e5a5c85e124ce77503f2b81c3491



Timeline

  • Vulnerability published

  • Vulnerability Reserved
