216.73.217.19

CVE-2025-40213

· Published 24/11/2025 16:15 · Modified 25/11/2025 22:16

Labels: CVE-2025-40213 2025-11-24416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2025-40213

Essential information

Published
24/11/2025 16:15
Modified
25/11/2025 22:16
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete There is a BUG: KASAN: stack-out-of-bounds in set_mesh_sync due to memcpy from badly declared on-stack flexible array. Another crash is in set_mesh_complete() due to double list_del via mgmt_pending_valid + mgmt_pending_remove. Use DEFINE_FLEX to declare the flexible array right, and don't memcpy outside bounds. As mgmt_pending_valid removes the cmd from list, use mgmt_pending_free, and also report status on error.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References