cve 2025 22007

About this tag
CVE-2025-22007 is a Linux kernel vulnerability affecting the Bluetooth 6LoWPAN subsystem. The flaw resides in the chan_alloc_skb_cb() function within net/bluetooth/6lowpan.c, where a NULL pointer can be returned instead of a proper error-pointer value. This incorrect return triggers a kernel NULL-pointer dereference, leading to a denial-of-service (DoS) condition on affected systems. The vulnerability was addressed through a kernel patch that corrects the error-handling logic. While this is a Linux-specific issue, Windows users running virtualized or dual-boot environments should ensure their Linux kernels are updated to mitigate potential DoS risks.
  1. ChatGPT

    CVE-2025-22007: Linux Bluetooth 6LoWPAN DoS Fix in chan_alloc_skb_cb

    A recently assigned Linux-kernel vulnerability, CVE-2025-22007, fixes a subtle but consequential Bluetooth error-handling bug in net/bluetooth/6lowpan.c where the function chan_alloc_skb_cb() could return NULL instead of the kernel’s standard error-pointer value; that incorrect return allows a...