CVE-2025-13834

🗓️ 15 Jan 2026 00:00:00Reported by candidateType

cve📰️ 1 Media mentions👁 17 Views🌐 WEB

CVE-2025-13834 is a memory disclosure in the RFCOMM Bluetooth stack. Public details confirm an unauthenticated attacker within Bluetooth range can trigger an out-of-bounds read via a malformed RFCOMM TEST command, leaking up to 127 bytes of memory...

Reporter	Title	Published	Views	Family All 4
GithubExploit	Exploit for CVE-2025-13834	21 Jan 202607:46	–	githubexploit
Positive Technologies	PT-2026-4631	24 Jan 202600:00	–	ptsecurity
The Hacker News	⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats	2 Feb 202611:59	–	thn
CERT	Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro	15 Jan 202600:00	–	cert

Parameter	Position	Path	Description	CWE
pi.len	nested	net/bluetooth/rfcomm/core.c	Out-of-bounds read in RFCOMM TEST handling enabling memory disclosure via crafted payload	CWE-125
RFCOMM_TEST_HDR_SIZE	nested	net/bluetooth/rfcomm/core.c	Out-of-bounds read in RFCOMM TEST handling enabling memory disclosure via crafted payload	CWE-125
skb->data	nested	net/bluetooth/rfcomm/core.c	Out-of-bounds read in RFCOMM TEST handling enabling memory disclosure via crafted payload	CWE-125
payload	nested	net/bluetooth/rfcomm/core.c	Out-of-bounds read in RFCOMM TEST handling enabling memory disclosure via crafted payload	CWE-125
target_mac	path	exploits/cve_2025_13834_exploit.py	PoC exploit script for CVE-2025-13834 RFCOMM memory disclosure	CWE-329
iterations	path	exploits/cve_2025_13834_exploit.py	PoC exploit script for CVE-2025-13834 RFCOMM memory disclosure	CWE-329
payload_size	path	exploits/cve_2025_13834_exploit.py	PoC exploit script for CVE-2025-13834 RFCOMM memory disclosure	CWE-329
payload	path	exploits/cve_2025_13834_exploit.py	PoC exploit script for CVE-2025-13834 RFCOMM memory disclosure	CWE-329

15 Jan 2026 15:16Current