Fixed
Created: Sep 24, 2025
Updated: Sep 26, 2025
Resolved Date: Sep 26, 2025
Found In Version: 10.22.33.1
Fix Version: 10.22.33.21
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: l2cap: Check encryption key size on incoming connection

This is required for passing GAP/SEC/SEM/BI-04-C PTS test case:
  Security Mode 4 Level 4, Responder - Invalid Encryption Key Size
  - 128 bit

This tests the security key with size from 1 to 15 bytes while the
Security Mode 4 Level 4 requests 16 bytes key size.

Currently PTS fails with the following logs:
- expected:Connection Response:
    Code: [3 (0x03)] Code
    Identifier: (lt)WildCard: Exists(gt)
    Length: [8 (0x0008)]
    Destination CID: (lt)WildCard: Exists(gt)
    Source CID: [64 (0x0040)]
    Result: [3 (0x0003)] Connection refused - Security block
    Status: (lt)WildCard: Exists(gt),
  but received:Connection Response:
    Code: [3 (0x03)] Code
    Identifier: [1 (0x01)]
    Length: [8 (0x0008)]
    Destination CID: [64 (0x0040)]
    Source CID: [64 (0x0040)]
    Result: [0 (0x0000)] Connection Successful
    Status: [0 (0x0000)] No further information available

And HCI logs:
< HCI Command: Read Encrypti.. (0x05|0x0008) plen 2
        Handle: 14 Address: 00:1B:DC:F2:24:10 (Vencer Co., Ltd.)
> HCI Event: Command Complete (0x0e) plen 7
      Read Encryption Key Size (0x05|0x0008) ncmd 1
        Status: Success (0x00)
        Handle: 14 Address: 00:1B:DC:F2:24:10 (Vencer Co., Ltd.)
        Key size: 7
> ACL Data RX: Handle 14 flags 0x02 dlen 12
      L2CAP: Connection Request (0x02) ident 1 len 4
        PSM: 4097 (0x1001)
        Source CID: 64
< ACL Data TX: Handle 14 flags 0x00 dlen 16
      L2CAP: Connection Response (0x03) ident 1 len 8
        Destination CID: 64
        Source CID: 64
        Result: Connection successful (0x0000)
        Status: No further information available (0x0000)
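
A check for the behaviour shown in the HCI log above, added here as an example (not code from the kernel fix or from Wind River): it walks a btmon-style trace and reports inbound L2CAP connections that were accepted on a link whose encryption key is shorter than required. The names find_weak_key_accepts and REQUIRED_KEY_SIZE, the PSM-to-key-size policy, and the embedded sample trace are assumptions made for the example.

```python
import re

# Assumed policy (not from the fix itself): PSM -> minimum key size in bytes.
# 0x1001 is the PSM in the trace; 16 is what Security Mode 4 Level 4 requests.
REQUIRED_KEY_SIZE = {0x1001: 16}

# Constructed sample in btmon layout, modelled on the HCI log quoted above.
SAMPLE = """\
> HCI Event: Command Complete (0x0e) plen 7
      Read Encryption Key Size (0x05|0x0008) ncmd 1
        Handle: 14 Address: 00:1B:DC:F2:24:10 (Vencer Co., Ltd.)
        Key size: 7
> ACL Data RX: Handle 14 flags 0x02 dlen 12
      L2CAP: Connection Request (0x02) ident 1 len 4
        PSM: 4097 (0x1001)
        Source CID: 64
< ACL Data TX: Handle 14 flags 0x00 dlen 16
      L2CAP: Connection Response (0x03) ident 1 len 8
        Destination CID: 64
        Source CID: 64
        Result: Connection successful (0x0000)
"""

def find_weak_key_accepts(log, policy=REQUIRED_KEY_SIZE):
    """Return (handle, psm, key_size) for each accepted inbound connection
    on a link whose encryption key is shorter than the policy minimum."""
    key_size, pending, findings = {}, {}, []
    handle = direction = ctx = None      # ctx: ("Request"|"Response", ident)
    for line in log.splitlines():
        if m := re.search(r"ACL Data (RX|TX): Handle (\d+)", line):
            direction, handle, ctx = m[1], int(m[2]), None
        elif re.match(r"[<>] HCI ", line):
            direction = ctx = None       # new HCI packet ends any L2CAP context
        elif m := re.search(r"^\s+Handle: (\d+)", line):
            handle = int(m[1])
        elif m := re.search(r"Key size: (\d+)", line):
            key_size[handle] = int(m[1])
        elif m := re.search(r"L2CAP: Connection (Request|Response) .*ident (\d+)", line):
            # Track only the peer's request (RX) and the local response (TX).
            wanted = (m[1], direction) in {("Request", "RX"), ("Response", "TX")}
            ctx = (m[1], int(m[2])) if wanted else None
        elif ctx and ctx[0] == "Request" and (m := re.search(r"PSM: (\d+)", line)):
            pending[(handle, ctx[1])] = int(m[1])
        elif ctx and ctx[0] == "Response" and (m := re.search(r"Result: .*\((0x[0-9a-f]{4})\)", line)):
            psm = pending.pop((handle, ctx[1]), None)
            need, have = policy.get(psm), key_size.get(handle)
            if int(m[1], 16) == 0 and need and have is not None and have < need:
                findings.append((handle, psm, have))
    return findings
```

On a trace from a fixed kernel the same request is answered with result 0x0003 (Connection refused - Security block) and the function returns an empty list.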