CVE-2025-39889 Bluetooth: l2cap: Check encryption key size on incoming connection

🗓️ 24 Sep 2025 11:02:51Reported by LinuxType

Fixed Linux kernel Bluetooth L2CAP to reject incoming connections with 16-byte encryption keys (Security Mode 4 Level 4).

Reporter	Title	Published	Views	Family All 132
ATTACKERKB	CVE-2025-39889	24 Sep 202511:02	–	attackerkb
AstraLinux	Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12	16 Jun 202511:28	–	astralinux
Circl	CVE-2025-39889	2 Apr 202611:20	–	circl
CNNVD	Linux kernel 安全漏洞	24 Sep 202500:00	–	cnnvd
CVE	CVE-2025-39889	24 Sep 202511:02	–	cve
Debian CVE	CVE-2025-39889	24 Sep 202511:02	–	debiancve
EUVD	EUVD-2025-30958	3 Oct 202520:07	–	euvd
NVD	CVE-2025-39889	24 Sep 202511:15	–	nvd
Tenable Nessus	openSUSE 16 Security Update : kernel (openSUSE-SU-2025-20081-1)	2 Dec 202500:00	–	nessus
Tenable Nessus	Photon OS 5.0: Linux PHSA-2025-5.0-0517	6 May 202500:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bluetooth/l2cap_core.c"
    ],
    "versions": [
      {
        "version": "4f911a538e089cce808a15dc3277250f4f8daef9",
        "lessThan": "ed503d340a501e414114ddc614a3aae4f6e9eae2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "288c06973daae4637f25a0d1bdaf65fdbf8455f9",
        "lessThan": "24b2cdfc16e9bd6ab3d03b8e01c590755bd3141f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "288c06973daae4637f25a0d1bdaf65fdbf8455f9",
        "lessThan": "c6d527bbd3d3896375079f5dbc8b7f96734a3ba5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "288c06973daae4637f25a0d1bdaf65fdbf8455f9",
        "lessThan": "9e3114958d87ea88383cbbf38c89e04b8ea1bce5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "288c06973daae4637f25a0d1bdaf65fdbf8455f9",
        "lessThan": "d49798ecd26e0ee7995a7fc1e90ca5cd9b4402d6",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "288c06973daae4637f25a0d1bdaf65fdbf8455f9",
        "lessThan": "d4ca2fd218caafbf50e3343ba1260c6a23b5676a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "288c06973daae4637f25a0d1bdaf65fdbf8455f9",
        "lessThan": "522e9ed157e3c21b4dd623c79967f72c21e45b78",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bluetooth/l2cap_core.c"
    ],
    "versions": [
      {
        "version": "5.11",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.11",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.181",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.135",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.88",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.25",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.14.4",
        "lessThanOrEqual": "6.14.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.15",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/d49798ecd26e0ee7995a7fc1e90ca5cd9b4402d6
git	www.git.kernel.org/stable/c/9e3114958d87ea88383cbbf38c89e04b8ea1bce5
git	www.git.kernel.org/stable/c/c6d527bbd3d3896375079f5dbc8b7f96734a3ba5
git	www.git.kernel.org/stable/c/24b2cdfc16e9bd6ab3d03b8e01c590755bd3141f
git	www.git.kernel.org/stable/c/ed503d340a501e414114ddc614a3aae4f6e9eae2
git	www.git.kernel.org/stable/c/d4ca2fd218caafbf50e3343ba1260c6a23b5676a
git	www.git.kernel.org/stable/c/522e9ed157e3c21b4dd623c79967f72c21e45b78

11 May 2026 21:38Current

CVSS 3.18.1

EPSS0.00009