cve-2025-37792
Vulnerability from cvelistv5
Published
2025-05-01 13:07
Modified
2025-05-04 07:32
Severity ?
EPSS score ?
Summary
Bluetooth: btrtl: Prevent potential NULL dereference
References
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/bluetooth/btrtl.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c3e9717276affe59fd8213706db021b493e81e34",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
},
{
"lessThan": "73dc99c0ea94abd22379b2d82cacbc73f3e18ec1",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
},
{
"lessThan": "2d7c60c2a38b4b461fa960ad0995136a6bfe0756",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
},
{
"lessThan": "d8441818690d795232331bd8358545c5c95b6b72",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
},
{
"lessThan": "3db6605043b50c8bb768547b23e0222f67ceef3e",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
},
{
"lessThan": "aaf356f872a60db1e96fb762a62c4607fd22741f",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
},
{
"lessThan": "53ceef799dcfc22c734d600811bfc9dd32eaea0a",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
},
{
"lessThan": "324dddea321078a6eeb535c2bff5257be74c9799",
"status": "affected",
"version": "26503ad25de8c7c93a2037f919c2e49a62cf65f1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/bluetooth/btrtl.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.19"
},
{
"lessThan": "4.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.293",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.237",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.135",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.25",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15-rc3",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.293",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.135",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.88",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.25",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.4",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15-rc3",
"versionStartIncluding": "4.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027"
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:32:40.917Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c3e9717276affe59fd8213706db021b493e81e34"
},
{
"url": "https://git.kernel.org/stable/c/73dc99c0ea94abd22379b2d82cacbc73f3e18ec1"
},
{
"url": "https://git.kernel.org/stable/c/2d7c60c2a38b4b461fa960ad0995136a6bfe0756"
},
{
"url": "https://git.kernel.org/stable/c/d8441818690d795232331bd8358545c5c95b6b72"
},
{
"url": "https://git.kernel.org/stable/c/3db6605043b50c8bb768547b23e0222f67ceef3e"
},
{
"url": "https://git.kernel.org/stable/c/aaf356f872a60db1e96fb762a62c4607fd22741f"
},
{
"url": "https://git.kernel.org/stable/c/53ceef799dcfc22c734d600811bfc9dd32eaea0a"
},
{
"url": "https://git.kernel.org/stable/c/324dddea321078a6eeb535c2bff5257be74c9799"
}
],
"title": "Bluetooth: btrtl: Prevent potential NULL dereference",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37792",
"datePublished": "2025-05-01T13:07:24.882Z",
"dateReserved": "2025-04-16T04:51:23.941Z",
"dateUpdated": "2025-05-04T07:32:40.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-37792\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-05-01T14:15:43.660\",\"lastModified\":\"2025-05-02T13:53:20.943\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nBluetooth: btrtl: Prevent potential NULL dereference\\n\\nThe btrtl_initialize() function checks that rtl_load_file() either\\nhad an error or it loaded a zero length file. However, if it loaded\\na zero length file then the error code is not set correctly. It\\nresults in an error pointer vs NULL bug, followed by a NULL pointer\\ndereference. This was detected by Smatch:\\n\\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btrtl: Prevenir posible desreferencia de NULL. La funci\u00f3n btrtl_initialize() comprueba si rtl_load_file() tuvo un error o carg\u00f3 un archivo de longitud cero. Sin embargo, si carg\u00f3 un archivo de longitud cero, el c\u00f3digo de error no se configura correctamente. Esto genera un error de puntero de error vs. NULL, seguido de una desreferencia de puntero NULL. Esto fue detectado por Smatch: drivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2d7c60c2a38b4b461fa960ad0995136a6bfe0756\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/324dddea321078a6eeb535c2bff5257be74c9799\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3db6605043b50c8bb768547b23e0222f67ceef3e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/53ceef799dcfc22c734d600811bfc9dd32eaea0a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/73dc99c0ea94abd22379b2d82cacbc73f3e18ec1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/aaf356f872a60db1e96fb762a62c4607fd22741f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c3e9717276affe59fd8213706db021b493e81e34\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d8441818690d795232331bd8358545c5c95b6b72\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.