VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-b78g-9jb1-dqan

Essentials
Severities (13)
References (28)
Severity details (10)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-b78g-9jb1-dqan
Aliases	CVE-2025-21969
Summary	kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
Status	Published
Exploitability	0.5
Weighted Severity	6.4
Risk	3.2
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-416

Use After Free

System	Score	Found at
cvssv3	7.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21969.json
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2025-21969
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2025-21969
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2025-21969
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.8	https://git.kernel.org/stable/c/7790a79c6fce8d5d552bc64f5c82819f719e4f28
ssvc	Track	https://git.kernel.org/stable/c/7790a79c6fce8d5d552bc64f5c82819f719e4f28
cvssv3.1	7.8	https://git.kernel.org/stable/c/b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d
ssvc	Track	https://git.kernel.org/stable/c/b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d
cvssv3.1	7.8	https://git.kernel.org/stable/c/c96cce853542b3b13da3738f35ef1be8cfcc9d1d
ssvc	Track	https://git.kernel.org/stable/c/c96cce853542b3b13da3738f35ef1be8cfcc9d1d
cvssv3.1	7.8	https://git.kernel.org/stable/c/f8094625a591eeb0b75b1bd9e713fac1d93f5ca9
ssvc	Track	https://git.kernel.org/stable/c/f8094625a591eeb0b75b1bd9e713fac1d93f5ca9

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21969.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-21969
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2356633		https://bugzilla.redhat.com/show_bug.cgi?id=2356633
7790a79c6fce8d5d552bc64f5c82819f719e4f28		https://git.kernel.org/stable/c/7790a79c6fce8d5d552bc64f5c82819f719e4f28
b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d		https://git.kernel.org/stable/c/b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d
c96cce853542b3b13da3738f35ef1be8cfcc9d1d		https://git.kernel.org/stable/c/c96cce853542b3b13da3738f35ef1be8cfcc9d1d
f8094625a591eeb0b75b1bd9e713fac1d93f5ca9		https://git.kernel.org/stable/c/f8094625a591eeb0b75b1bd9e713fac1d93f5ca9
RHSA-2025:9079		https://access.redhat.com/errata/RHSA-2025:9079
RHSA-2025:9080		https://access.redhat.com/errata/RHSA-2025:9080
USN-7605-1		https://usn.ubuntu.com/7605-1/
USN-7605-2		https://usn.ubuntu.com/7605-2/
USN-7606-1		https://usn.ubuntu.com/7606-1/
USN-7628-1		https://usn.ubuntu.com/7628-1/
USN-7764-1		https://usn.ubuntu.com/7764-1/
USN-7764-2		https://usn.ubuntu.com/7764-2/
USN-7765-1		https://usn.ubuntu.com/7765-1/
USN-7766-1		https://usn.ubuntu.com/7766-1/
USN-7767-1		https://usn.ubuntu.com/7767-1/
USN-7767-2		https://usn.ubuntu.com/7767-2/
USN-7779-1		https://usn.ubuntu.com/7779-1/
USN-7790-1		https://usn.ubuntu.com/7790-1/
USN-7800-1		https://usn.ubuntu.com/7800-1/
USN-7801-1		https://usn.ubuntu.com/7801-1/
USN-7801-2		https://usn.ubuntu.com/7801-2/
USN-7801-3		https://usn.ubuntu.com/7801-3/
USN-7802-1		https://usn.ubuntu.com/7802-1/
USN-7809-1		https://usn.ubuntu.com/7809-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21969.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/7790a79c6fce8d5d552bc64f5c82819f719e4f28

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T17:15:33Z/ Found at https://git.kernel.org/stable/c/7790a79c6fce8d5d552bc64f5c82819f719e4f28

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T17:15:33Z/ Found at https://git.kernel.org/stable/c/b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/c96cce853542b3b13da3738f35ef1be8cfcc9d1d

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T17:15:33Z/ Found at https://git.kernel.org/stable/c/c96cce853542b3b13da3738f35ef1be8cfcc9d1d

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/f8094625a591eeb0b75b1bd9e713fac1d93f5ca9

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T17:15:33Z/ Found at https://git.kernel.org/stable/c/f8094625a591eeb0b75b1bd9e713fac1d93f5ca9

Exploit Prediction Scoring System (EPSS)

Percentile	0.10779
EPSS Score	0.00035
Published At	June 5, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:47:04.583493+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21969.json	38.6.0