CVE-2025-38473
📋 TL;DR
This CVE describes a null pointer dereference vulnerability in the Linux kernel's Bluetooth L2CAP socket implementation. When exploited, it can cause a kernel panic leading to denial of service. Systems running vulnerable Linux kernel versions with Bluetooth enabled are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical access to restart the system.
Likely Case
System crash or instability when Bluetooth connections are established or resumed, requiring reboot to restore functionality.
If Mitigated
No impact if Bluetooth is disabled or the system is patched; otherwise, potential service disruption.
🎯 Exploit Status
Exploitation requires Bluetooth access and specific timing conditions during connection resumption. The vulnerability was discovered by syzbot fuzzing.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple kernel versions with fixes referenced in the CVE (commits: 262cd18f5f7e, 2b27b3890066, 3a4eca2a1859, 6d63901dcd59, a0075accbf0d)
Vendor Advisory: https://git.kernel.org/stable/c/262cd18f5f7ede6a586580cadc5d0799e52e2e7c
Restart Required: Yes
Instructions:
1. Update Linux kernel to a version containing the fix. 2. Check your distribution's security advisories for specific patched kernel versions. 3. Reboot the system after kernel update.
🔧 Temporary Workarounds
Disable Bluetooth
linuxCompletely disable Bluetooth functionality to prevent exploitation
systemctl stop bluetooth
systemctl disable bluetooth
rfkill block bluetooth
Blacklist Bluetooth kernel module
linuxPrevent Bluetooth kernel module from loading
echo 'blacklist btusb' >> /etc/modprobe.d/blacklist-bluetooth.conf
echo 'blacklist bluetooth' >> /etc/modprobe.d/blacklist-bluetooth.conf
update-initramfs -u
🧯 If You Can't Patch
- Disable Bluetooth functionality completely on affected systems
- Implement network segmentation to isolate Bluetooth-enabled devices from critical systems
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with distribution security advisories. Vulnerable if running an affected kernel version with Bluetooth enabled.Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to a patched version and test Bluetooth functionality for stability.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- KASAN null-ptr-deref reports in kernel logs
- Bluetooth subsystem crashes
Network Indicators:
- Unexpected Bluetooth disconnections
- Bluetooth service failures
SIEM Query:
source="kernel" AND ("KASAN: null-ptr-deref" OR "l2cap_sock_resume_cb" OR "Bluetooth crash")🔗 References
- https://git.kernel.org/stable/c/262cd18f5f7ede6a586580cadc5d0799e52e2e7c
- https://git.kernel.org/stable/c/2b27b389006623673e8cfff4ce1e119cce640b05
- https://git.kernel.org/stable/c/3a4eca2a1859955c65f07a570156bd2d9048ce33
- https://git.kernel.org/stable/c/6d63901dcd592a1e3f71d7c6d78f9be5e8d7eef0
- https://git.kernel.org/stable/c/a0075accbf0d76c2dad1ad3993d2e944505d99a0
- https://git.kernel.org/stable/c/ac3a8147bb24314fb3e84986590148e79f9872ec
- https://git.kernel.org/stable/c/b97be7ee8a1cd96b89817cbd64a9f5cc16c17d08
- https://git.kernel.org/stable/c/c4f16f6b071a74ac7eefe5c28985285cbbe2cd96
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
