CVE-2025-38128 | Linux Kernel up to 6.15.2 Bluetooth mgmt_hci_cmd_sync privilege escalation

Inserito da Angelo Barbosa | Lug 3, 2025 | CVE

A vulnerability classified as problematic has been found in Linux Kernel up to 6.15.2. This affects the function mgmt_hci_cmd_sync of the component Bluetooth. The manipulation leads to privilege escalation.

This vulnerability is uniquely identified as CVE-2025-38128. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-38128 | Linux Kernel up to 6.15.2 Bluetooth mgmt_hci_cmd_sync privilege escalation

Post correlati

CVE-2024-12986 | DrayTek Vigor2960/Vigor300B 1.5.1.3/1.5.1.4 Web Management Interface apmcfgupptim session os command injection

CVE-2024-38534 | OISF Suricata up to 7.0.5 Modbus stream.reassembly.depth allocation of resources

CVE-2024-6811 | IrfanView WSQ File Parser out-of-bounds write

CVE-2024-51564 | FreeBSD hda Audio Driver improper validation of specified index, position, or offset in input