Use After Free Vulnerability in Linux Kernel Bluetooth Module
CVE-2025-39981
What is CVE-2025-39981?
A vulnerability in the Linux kernel Bluetooth module can lead to a Use After Free condition. It occurs when the 'mgmt_pending' structure is freed while it is still being processed. This puts the system at risk by potentially allowing access to freed memory, which may be exploited to cause unexpected behavior or crashes. Checking that 'mgmt_pending' is still valid before it is used protects against this condition during the execution of Bluetooth management commands.
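The "still valid" check described above, as an added user-space example (not the kernel's code; the struct and function names are hypothetical and the model is single-threaded): a completion handler claims its pending entry from the list before touching it, so a late completion for an entry another path already took is rejected instead of dereferenced.

```c
#include <stdbool.h>
#include <stdlib.h>

/* User-space model with hypothetical names; not the kernel's structures. */
struct pending_cmd {
    struct pending_cmd *next;
    int opcode;
};

struct pending_list {
    struct pending_cmd *head;
};

static struct pending_cmd *pending_add(struct pending_list *l, int opcode)
{
    struct pending_cmd *c = calloc(1, sizeof(*c));
    if (!c)
        return NULL;
    c->opcode = opcode;
    c->next = l->head;
    l->head = c;
    return c;
}

/* Validity check: unlink cmd only if it is still queued. It compares
 * addresses and never dereferences cmd, so a stale pointer is harmless here.
 * In concurrent code this must run under the lock that guards the list. */
static bool pending_claim(struct pending_list *l, const struct pending_cmd *cmd)
{
    for (struct pending_cmd **pp = &l->head; *pp; pp = &(*pp)->next) {
        if (*pp == cmd) {
            *pp = (*pp)->next;
            return true;
        }
    }
    return false;
}

/* Completion handler: returns the opcode, or -1 when another path (e.g. a
 * cancel path) already took the entry and may have freed it. */
static int complete_cmd(struct pending_list *l, struct pending_cmd *cmd)
{
    if (!pending_claim(l, cmd))
        return -1;          /* stale: do not touch cmd */
    int op = cmd->opcode;   /* safe: this path now owns cmd exclusively */
    free(cmd);
    return op;
}
```

Membership by address is only sound while the check and the unlink are atomic with respect to every path that can free an entry; otherwise a reused address could pass the check.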

Affected Version(s)
Linux cf75ad8b41d2aa06f98f365d42a3ae8b059daddd
Linux cf75ad8b41d2aa06f98f365d42a3ae8b059daddd < 87a1f16f07c6c43771754075e08f45b41d237421
Linux cf75ad8b41d2aa06f98f365d42a3ae8b059daddd < 302a1f674c00dd5581ab8e493ef44767c5101aab