{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T08:33:42.099","vulnerabilities":[{"cve":{"id":"CVE-2025-40213","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-11-24T16:15:49.150","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete\n\nThere is a BUG: KASAN: stack-out-of-bounds in set_mesh_sync due to\nmemcpy from badly declared on-stack flexible array.\n\nAnother crash is in set_mesh_complete() due to double list_del via\nmgmt_pending_valid + mgmt_pending_remove.\n\nUse DEFINE_FLEX to declare the flexible array right, and don't memcpy\noutside bounds.\n\nAs mgmt_pending_valid removes the cmd from list, use mgmt_pending_free,\nand also report status on error."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/1c9aca1787e8395a2c59fef20e914467958969c5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/5c19daa93d9af29f1f46251b47e1ea66bcc8d679","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/e8785404de06a69d89dcdd1e9a0b6ea42dc6d327","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}