CVE-2025-40294
Description
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()
In the parse_adv_monitor_pattern() function, the value of the 'length' variable is currently limited to HCI_MAX_EXT_AD_LENGTH(251). The size of the 'value' array in the mgmt_adv_pattern structure is 31. If the value of 'pattern[i].length' is set in the user space and exceeds 31, the 'patterns[i].value' array can be accessed out of bound when copied.
Increasing the size of the 'value' array in the 'mgmt_adv_pattern' structure will break the userspace. Considering this, and to avoid OOB access revert the limits for 'offset' and 'length' back to the value of HCI_MAX_AD_LENGTH.
Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
138- osv-coords136 versionspkg:linux/kernelpkg:rpm/almalinux/kernelpkg:rpm/almalinux/kernel-64kpkg:rpm/almalinux/kernel-64k-corepkg:rpm/almalinux/kernel-64k-debugpkg:rpm/almalinux/kernel-64k-debug-corepkg:rpm/almalinux/kernel-64k-debug-develpkg:rpm/almalinux/kernel-64k-debug-devel-matchedpkg:rpm/almalinux/kernel-64k-debug-modulespkg:rpm/almalinux/kernel-64k-debug-modules-corepkg:rpm/almalinux/kernel-64k-debug-modules-extrapkg:rpm/almalinux/kernel-64k-develpkg:rpm/almalinux/kernel-64k-devel-matchedpkg:rpm/almalinux/kernel-64k-modulespkg:rpm/almalinux/kernel-64k-modules-corepkg:rpm/almalinux/kernel-64k-modules-extrapkg:rpm/almalinux/kernel-abi-stablelistspkg:rpm/almalinux/kernel-corepkg:rpm/almalinux/kernel-cross-headerspkg:rpm/almalinux/kernel-debugpkg:rpm/almalinux/kernel-debug-corepkg:rpm/almalinux/kernel-debug-develpkg:rpm/almalinux/kernel-debug-devel-matchedpkg:rpm/almalinux/kernel-debug-modulespkg:rpm/almalinux/kernel-debug-modules-corepkg:rpm/almalinux/kernel-debug-modules-extrapkg:rpm/almalinux/kernel-debug-uki-virtpkg:rpm/almalinux/kernel-develpkg:rpm/almalinux/kernel-devel-matchedpkg:rpm/almalinux/kernel-docpkg:rpm/almalinux/kernel-headerspkg:rpm/almalinux/kernel-modulespkg:rpm/almalinux/kernel-modules-corepkg:rpm/almalinux/kernel-modules-extrapkg:rpm/almalinux/kernel-modules-extra-matchedpkg:rpm/almalinux/kernel-rtpkg:rpm/almalinux/kernel-rt-64kpkg:rpm/almalinux/kernel-rt-64k-corepkg:rpm/almalinux/kernel-rt-64k-debugpkg:rpm/almalinux/kernel-rt-64k-debug-corepkg:rpm/almalinux/kernel-rt-64k-debug-develpkg:rpm/almalinux/kernel-rt-64k-debug-modulespkg:rpm/almalinux/kernel-rt-64k-debug-modules-corepkg:rpm/almalinux/kernel-rt-64k-debug-modules-extrapkg:rpm/almalinux/kernel-rt-64k-develpkg:rpm/almalinux/kernel-rt-64k-modulespkg:rpm/almalinux/kernel-rt-64k-modules-corepkg:rpm/almalinux/kernel-rt-64k-modules-extrapkg:rpm/almalinux/kernel-rt-corepkg:rpm/almalinux/kernel-rt-debugpkg:rpm/almalinux/kernel-rt-debug-corepkg:rpm/almalinux/kernel-rt-debug-develpkg:rpm/almalinux/kernel-rt-debug-modulespkg:rpm/almalinux/kernel-rt-debug-modules-corepkg:rpm/almalinux/kernel-rt-debug-modules-extrapkg:rpm/almalinux/kernel-rt-develpkg:rpm/almalinux/kernel-rt-modulespkg:rpm/almalinux/kernel-rt-modules-corepkg:rpm/almalinux/kernel-rt-modules-extrapkg:rpm/almalinux/kernel-toolspkg:rpm/almalinux/kernel-tools-libspkg:rpm/almalinux/kernel-tools-libs-develpkg:rpm/almalinux/kernel-uki-virtpkg:rpm/almalinux/kernel-uki-virt-addonspkg:rpm/almalinux/kernel-zfcpdumppkg:rpm/almalinux/kernel-zfcpdump-corepkg:rpm/almalinux/kernel-zfcpdump-develpkg:rpm/almalinux/kernel-zfcpdump-devel-matchedpkg:rpm/almalinux/kernel-zfcpdump-modulespkg:rpm/almalinux/kernel-zfcpdump-modules-corepkg:rpm/almalinux/kernel-zfcpdump-modules-extrapkg:rpm/almalinux/libperfpkg:rpm/almalinux/perfpkg:rpm/almalinux/python3-perfpkg:rpm/almalinux/rtlapkg:rpm/almalinux/rvpkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-obs-qa&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-obs-qa&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 6.1.159+ 135 more
- (no CPE)range: < 6.1.159
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 6.12.0-124.31.1.el10_1
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 5.14.0-611.26.1.el9_7
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1.160000.2.6
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.20.24.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.53.28.1.150700.17.19.1
- (no CPE)range: < 6.12.0-160000.9.1.160000.2.6
- (no CPE)range: < 6.12.0-160000.9.1.160000.2.6
- (no CPE)range: < 6.12.0-160000.9.1.160000.2.6
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 1-150700.1.3.1
- (no CPE)range: < 1-150700.15.3.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.7.28.1
- (no CPE)range: < 6.4.0-150700.20.24.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.7.28.1
- (no CPE)range: < 6.4.0-150700.20.24.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.4.0-150700.7.28.1
- (no CPE)range: < 6.4.0-150700.53.28.1
- (no CPE)range: < 6.12.0-160000.9.1
- (no CPE)range: < 6.12.0-160000.9.1
Patches
Vulnerability mechanics
References
5- git.kernel.org/stable/c/3a50d59b3781bc3a4e96533612509546a4c309a7nvd
- git.kernel.org/stable/c/4b7d4aa5399b5a64caee639275615c63c008540dnvd
- git.kernel.org/stable/c/5f7350ff2b179764a4f40ba4161b60b8aaef857bnvd
- git.kernel.org/stable/c/8d59fba49362c65332395789fd82771f1028d87envd
- git.kernel.org/stable/c/96616530f524a0a76248cd44201de0a9e8526190nvd
News mentions
0No linked articles in our index yet.