{"id":"CVE-2025-37792","summary":"Bluetooth: btrtl: Prevent potential NULL dereference","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file.  However, if it loaded\na zero length file then the error code is not set correctly.  It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference.  This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to 'ERR_PTR'","modified":"2026-05-18T05:57:28.158377134Z","published":"2025-05-01T13:07:24.882Z","related":["SUSE-SU-2025:01964-1","SUSE-SU-2025:01965-1","SUSE-SU-2025:02000-1","SUSE-SU-2025:02254-1","SUSE-SU-2025:02307-1","SUSE-SU-2025:02333-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:20408-1","SUSE-SU-2025:20413-1","SUSE-SU-2025:20419-1","SUSE-SU-2025:20421-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37792.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2d7c60c2a38b4b461fa960ad0995136a6bfe0756"},{"type":"WEB","url":"https://git.kernel.org/stable/c/324dddea321078a6eeb535c2bff5257be74c9799"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3db6605043b50c8bb768547b23e0222f67ceef3e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/53ceef799dcfc22c734d600811bfc9dd32eaea0a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/73dc99c0ea94abd22379b2d82cacbc73f3e18ec1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aaf356f872a60db1e96fb762a62c4607fd22741f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c3e9717276affe59fd8213706db021b493e81e34"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d8441818690d795232331bd8358545c5c95b6b72"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37792.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37792"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"26503ad25de8c7c93a2037f919c2e49a62cf65f1"},{"fixed":"c3e9717276affe59fd8213706db021b493e81e34"},{"fixed":"73dc99c0ea94abd22379b2d82cacbc73f3e18ec1"},{"fixed":"2d7c60c2a38b4b461fa960ad0995136a6bfe0756"},{"fixed":"d8441818690d795232331bd8358545c5c95b6b72"},{"fixed":"3db6605043b50c8bb768547b23e0222f67ceef3e"},{"fixed":"aaf356f872a60db1e96fb762a62c4607fd22741f"},{"fixed":"53ceef799dcfc22c734d600811bfc9dd32eaea0a"},{"fixed":"324dddea321078a6eeb535c2bff5257be74c9799"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37792.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.19.0"},{"fixed":"5.4.293"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.237"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.181"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.135"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.88"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.25"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.14.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37792.json"}}],"schema_version":"1.7.5"}