Bluetooth Vulnerability in Linux Kernel Affecting Device Connection Handling
CVE-2025-39983

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 15 October 2025

What is CVE-2025-39983?

A use-after-free vulnerability has been identified in the Bluetooth subsystem of the Linux kernel, specifically in the processing of HCI events related to connection handling. The flaw can lead to memory access violations that unauthorized users could exploit. It arises from improper locking, which can leave handles dangling when connections are manipulated without appropriate safeguards. The vulnerability underscores the importance of diligent memory management, particularly in code paths that handle device connectivity and interaction.

Affected Version(s)

Linux 134f4b39df7b77225a80ef585c15d46f964f5e6f

Linux 134f4b39df7b77225a80ef585c15d46f964f5e6f < 2e128683176a56459cef8705fc7c35f438f88abd

Linux 6.15

Timeline

  • Vulnerability published

  • Vulnerability Reserved
