CVE-2025-68306 | Linux Kernel up to 6.12.60/6.17.10 Bluetooth hci_cmd_sync_work null pointer dereference

Inserito da Angelo Barbosa | Dic 16, 2025 | CVE

A vulnerability was found in Linux Kernel up to 6.12.60/6.17.10. It has been declared as critical. Affected by this issue is the function hci_cmd_sync_work of the component Bluetooth. Executing manipulation can lead to null pointer dereference.

This vulnerability is tracked as CVE-2025-68306. The attack is only possible within the local network. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2025-68306 | Linux Kernel up to 6.12.60/6.17.10 Bluetooth hci_cmd_sync_work null pointer dereference

Post correlati

CVE-2024-20755 | Adobe Bridge heap-based overflow (APSB24-15)

CVE-2025-52284 | TOTOLINK X6000R 9.4.0cu.1360_B20241207 sub_4184C0 tz command injection

CVE-2024-1414 | Exclusive Addons for Elementor Plugin up to 2.6.9 on WordPress Call To Action Widget cross site scripting

CVE-2024-44625 | Gogs up to 0.13.0 editor.go editFilePost path traversal