Bluetooth Vulnerability in Linux Kernel Affects Multiple Devices by Linux
CVE-2025-68304
What is CVE-2025-68304?
A race condition vulnerability exists in the Linux kernel's Bluetooth implementation, specifically within the hci_core module. The flaw arises from improper lock handling when looking up the hci_conn on the RX path for Bluetooth data packets. Because of this, the hci_conn structure may be deleted concurrently while it is still in use, creating potential use-after-free scenarios. As a result, attackers may exploit this vulnerability to crash affected devices or to execute arbitrary code. To mitigate the issue, it is essential to ensure that all hci_conn lookups and associated operations are confined to a single critical section, preventing concurrent modifications during packet reception.
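The locking rule described above, shown as a user-space C model added here (it is not kernel code and not the actual patch): `struct conn`, `table_lock` and every function name are hypothetical stand-ins for the hci_conn lookup on the RX path. The racy shape releases the lock before the object is used; the fixed shape keeps lookup and use in one critical section.

```c
#include <pthread.h>
#include <stdlib.h>
/* User-space model with hypothetical names; not kernel code. */
struct conn { unsigned handle; size_t rx_bytes; };
static struct conn *table[8];
static pthread_mutex_t table_lock = PTHREAD_MUTEX_INITIALIZER; /* guards table */

/* Caller holds table_lock; want_free selects an empty slot instead. */
static struct conn **find_slot(unsigned handle, int want_free) {
    for (int i = 0; i < 8; i++)
        if (want_free ? !table[i] : (table[i] && table[i]->handle == handle))
            return &table[i];
    return NULL;
}

int conn_add(unsigned handle) {
    struct conn *c = calloc(1, sizeof(*c));
    if (!c) return -1;
    c->handle = handle;
    pthread_mutex_lock(&table_lock);
    struct conn **slot = find_slot(0, 1);
    if (slot) *slot = c; else free(c);
    pthread_mutex_unlock(&table_lock);
    return slot ? 0 : -1;
}

int conn_del(unsigned handle) {
    pthread_mutex_lock(&table_lock);
    struct conn **slot = find_slot(handle, 0);
    if (slot) { free(*slot); *slot = NULL; }
    pthread_mutex_unlock(&table_lock);
    return slot ? 0 : -1;
}

/* Racy shape: lock dropped before use, so conn_del() can free the result. */
struct conn *rx_lookup_racy(unsigned handle) {
    pthread_mutex_lock(&table_lock);
    struct conn **slot = find_slot(handle, 0);
    struct conn *c = slot ? *slot : NULL;
    pthread_mutex_unlock(&table_lock);
    return c;
}

/* Fixed shape: lookup and use share one critical section. */
long rx_deliver(unsigned handle, size_t len) {
    pthread_mutex_lock(&table_lock);
    struct conn **slot = find_slot(handle, 0);
    long total = slot ? (long)((*slot)->rx_bytes += len) : -1;
    pthread_mutex_unlock(&table_lock);
    return total;
}
```

Any caller that dereferences the pointer from `rx_lookup_racy()` races with `conn_del()` on another thread; `rx_deliver()` cannot, because deletion takes the same lock.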
Affected Version(s)
Linux 5af1f84ed13a416297ab9ced7537f4d5ae7f329a
Linux 5af1f84ed13a416297ab9ced7537f4d5ae7f329a < 79a2d4678ba90bdba577dc3af88cc900d6dcd5ee
Linux cd55c13bbb3d093ae601aa97e588ed4c1390ebb1