Bluetooth UAF Vulnerability in Linux Kernel Affecting Multiple Versions
CVE-2025-39982

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 October 2025

What is CVE-2025-39982?

A vulnerability in the Linux kernel, specifically within the Bluetooth subsystem, has been identified that may lead to a use-after-free condition in the hci_acl_create_conn_sync function. This issue occurs when a Bluetooth connection is pending while a command submission is processed, potentially allowing the freed memory to be accessed inappropriately. This can compromise system stability and security. The bug has been addressed in updates to ensure that memory is managed correctly, eliminating the risk of exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux aef2aa4fa98e18ea5d9345bf777ee698c8598728 < 6243bda271a628c48875e3e473206e7f584892ce

Linux aef2aa4fa98e18ea5d9345bf777ee698c8598728

Linux aef2aa4fa98e18ea5d9345bf777ee698c8598728 < 484c7d571a3d1b3fd298fa691b660438c4548a53

References

https://git.kernel.org/stable/c/6243bda271a628c48875e3e47...
https://git.kernel.org/stable/c/bcce99f613163a43de24674b7...
https://git.kernel.org/stable/c/484c7d571a3d1b3fd298fa691...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.