CVE-2025-40282
Published: Dec 6, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: 6lowpan: reset link-local header on ipv6 recv path

Bluetooth 6lowpan.c netdev has header_ops, so it must set link-local header for RX skb, otherwise things crash, eg. with AF_PACKET SOCK_RAW

Add missing skb_reset_mac_header() for uncompressed ipv6 RX path.

For the compressed one, it is done in lowpan_header_decompress().

Log: (BlueZ 6lowpan-tester Client Recv Raw - Success)
------
kernel BUG at net/core/skbuff.c:212!
Call Trace:
<IRQ>
...
packet_rcv (net/packet/af_packet.c:2152)
...
<TASK>
__local_bh_enable_ip (kernel/softirq.c:407)
netif_rx (net/core/dev.c:5648)
chan_recv_cb (net/bluetooth/6lowpan.c:294 net/bluetooth/6lowpan.c:359)
------

| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 18722c247023035b9e2e2a08a887adec2a9a6e49 - < ea46a1d217bc82e01cf3d0424e50ebfe251e34bf |
| Linux | Linux | affected 18722c247023035b9e2e2a08a887adec2a9a6e49 - < 973e0271754c77db3e1b6b69adf2de85a79a4c8b |
| Linux | Linux | affected 18722c247023035b9e2e2a08a887adec2a9a6e49 - < d566e9a2bfc848941b091ffd5f4e12c4e889d818 |
| Linux | Linux | affected 18722c247023035b9e2e2a08a887adec2a9a6e49 - < 4ebb90c3c309e6375dc3e841af92e2a039843e62 |
| Linux | Linux | affected 18722c247023035b9e2e2a08a887adec2a9a6e49 - < c24ac6cfe4f9a47180a65592c47e7a310d2f9d93 |
| Linux | Linux | +3 more versions |
| Linux | Linux | affected 3.14 |
| Linux | Linux | unaffected 0 - < 3.14 |
| Linux | Linux | unaffected 5.4.302 - <= 5.4.* |
| Linux | Linux | unaffected 5.10.247 - <= 5.10.* |
| Linux | Linux | unaffected 5.15.197 - <= 5.15.* |
| Linux | Linux | +5 more versions |