Vulnerability in Linux

CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsp_recv() can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer d…

EPSS: 0.002 (6.0th percentile) — read the EPSS interpretation.

Affected products

  • Linux — versions 6.1.135, 5.10.237, 366ceff495f902182d42b6f41525c2474caf3f9a

References