cve 2025 22007
About this tag
CVE-2025-22007 is a Linux kernel vulnerability affecting the Bluetooth 6LoWPAN subsystem. The flaw resides in the chan_alloc_skb_cb() function within net/bluetooth/6lowpan.c, where a NULL pointer can be returned instead of a proper error-pointer value. This incorrect return triggers a kernel NULL-pointer dereference, leading to a denial-of-service (DoS) condition on affected systems. The vulnerability was addressed through a kernel patch that corrects the error-handling logic. While this is a Linux-specific issue, Windows users running virtualized or dual-boot environments should ensure their Linux kernels are updated to mitigate potential DoS risks.
A recently assigned Linux-kernel vulnerability, CVE-2025-22007, fixes a subtle but consequential Bluetooth error-handling bug in net/bluetooth/6lowpan.c where the function chan_alloc_skb_cb() could return NULL instead of the kernel’s standard error-pointer value; that incorrect return allows a...