CVE-2025-39983: Use After Free in Linux

CWE-416: Use After Free (6 documents, 5 sources)

Severity: 6.4 MEDIUM (no CVSS vector provided)
EPSS: 0.0% (top 92.81%)
CISA KEV: Not in KEV
Exploit: No known exploits
Published: Oct 15, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

This fixes the following UAF caused by not properly locking hdev when processing HCI_EV_NUM_COMP_PKTS:

BUG: KASAN: slab-use-after-free in hci_conn_tx_dequeue+0x1be/0x220 net/bluetooth/hci_conn.c:3036
Read of size 4 at addr ffff8880740f0940 by task kworker/u11:0/54

CPU: 1 UID: 0 PID: 54 Comm: kworker/u11:0 Not tainted 6.16.0-rc7 #3 PREEMPT(full)
Hardware name: QEMU Standard
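The report above points at lock scope rather than at the dequeue arithmetic: the event handler looks a connection up by handle and then touches it, and if hdev is not held across both steps a concurrent disconnect can free the object in between. What follows is an added, constructed user-space model of that bug class. It is not the kernel's code and not the upstream fix: struct hdev, struct conn, conn_lookup, conn_disconnect, conn_tx_dequeue and num_comp_pkts_handler are simplified stand-ins for their kernel namesakes, the interleaving is fixed so the race reproduces every run, and "freeing" only poisons the object (the way KASAN's quarantine keeps freed slab memory detectable) so the stale read is reported instead of crashing the process.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model (assumption: not kernel code). Names are stand-ins for
 * hdev, hci_conn, hci_conn_tx_dequeue and the HCI_EV_NUM_COMP_PKTS handler. */

#define MAX_CONN 4

struct conn {
    unsigned handle;
    int tx_pending;   /* packets still in flight on this connection */
    int freed;        /* poison flag standing in for KASAN's freed-slab tracking */
};

struct hdev {
    int locked;
    struct conn *conns[MAX_CONN];
};

static void hdev_lock(struct hdev *d)   { d->locked = 1; }
static void hdev_unlock(struct hdev *d) { d->locked = 0; }

static struct conn *add_conn(struct hdev *d, unsigned handle, int pending)
{
    struct conn *c = calloc(1, sizeof *c);
    if (!c)
        return NULL;
    c->handle = handle;
    c->tx_pending = pending;
    for (int i = 0; i < MAX_CONN; i++) {
        if (!d->conns[i]) {
            d->conns[i] = c;
            return c;
        }
    }
    free(c);
    return NULL;
}

static struct conn *conn_lookup(struct hdev *d, unsigned handle)
{
    for (int i = 0; i < MAX_CONN; i++)
        if (d->conns[i] && d->conns[i]->handle == handle)
            return d->conns[i];
    return NULL;
}

/* Disconnect path: unlinks the connection from hdev and "frees" it.
 * In the model it simply does not run while hdev is locked; in a kernel the
 * path would block on the lock instead. Returns 1 if it ran. */
static int conn_disconnect(struct hdev *d, unsigned handle)
{
    if (d->locked)
        return 0;
    for (int i = 0; i < MAX_CONN; i++) {
        struct conn *c = d->conns[i];
        if (c && c->handle == handle) {
            d->conns[i] = NULL;
            c->freed = 1;   /* stand-in for kfree(); memory kept so the stale
                               read below can be detected rather than crash */
            return 1;
        }
    }
    return 0;
}

/* Stand-in for hci_conn_tx_dequeue(): -1 marks a read of freed memory
 * (the model's version of "slab-use-after-free ... Read of size 4"),
 * otherwise the remaining pending count is returned. */
static int conn_tx_dequeue(struct conn *c)
{
    if (c->freed)
        return -1;
    return --c->tx_pending;
}

/* Completed-packets handler. hold_lock selects whether hdev is held across
 * lookup AND use; race injects the concurrent disconnect between the two. */
static int num_comp_pkts_handler(struct hdev *d, unsigned handle,
                                 int hold_lock, int race)
{
    struct conn *c;
    int ret;

    if (hold_lock)
        hdev_lock(d);
    c = conn_lookup(d, handle);
    if (race)
        conn_disconnect(d, handle);   /* skipped (returns 0) while hdev is locked */
    ret = c ? conn_tx_dequeue(c) : -2;
    if (hold_lock)
        hdev_unlock(d);
    return ret;
}

/* Builds a fresh device with one connection (handle 0x0040, 3 packets in
 * flight; constructed values) and runs one interleaving. */
static int run_model(int hold_lock, int race)
{
    struct hdev d;
    struct conn *c;
    int r;

    memset(&d, 0, sizeof d);
    c = add_conn(&d, 0x0040, 3);
    r = num_comp_pkts_handler(&d, 0x0040, hold_lock, race);
    free(c);   /* the model never released the memory, so this is the real free */
    return r;
}

int main(void)
{
    printf("unlocked handler, no disconnect:         %d\n", run_model(0, 0));
    printf("unlocked handler, concurrent disconnect: %d (stale read)\n", run_model(0, 1));
    printf("locked handler,   concurrent disconnect: %d (pending after dequeue)\n", run_model(1, 1));
    return 0;
}
```

The only difference between the two racing runs is that the lock is held across lookup and use; with it held the disconnect cannot interleave and the handler sees the decremented pending count, without it the handler dereferences an object that was freed after the lookup succeeded. The model skips the disconnect when the lock is held purely to stay single-threaded and deterministic; a kernel path would block on the hdev lock and run after the handler finishes.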

Affected Packages (4 packages)

Source      Package               Affected versions / fixing commits
Linux       linux/linux_kernel    6.15.0 (introduced), 6.16.10 (fixed)
Debian      linux/linux_kernel    < 6.16.10-1
CVEListV5   linux/linux           134f4b39df7b77225a80ef585c15d46f964f5e6f, dde33124f17cf3bab4dc5e18d1b4dee128361061, +2 more
debian      debian/linux          < linux 6.16.10-1 (forky)

Note: distribution kernels often carry fixes as backports without changing the upstream version string, so check the distribution's own advisory and package version (for Debian, 6.16.10-1 above) rather than comparing the upstream kernel version alone.

Vulnerability Details (3 entries)

OSV     CVE-2025-39983: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue (2025-10-15)
OSV     Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue (2025-10-15)
GHSA    GHSA-q4fj-hr69-3p79: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue (2025-10-15)

Vendor Advisories (2 entries)

Red Hat   kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue (2025-10-15)
Debian    CVE-2025-39983: linux - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ... (2025)