PT-2025-33791 · Linux+6 · Linux Kernel+6
Published: 2025-07-23 · Updated: 2026-04-20 · CVE-2025-38593
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.12.19-kernel
Description:
A double-free vulnerability exists in the Bluetooth stack of the Linux kernel, specifically in the hci_discovery_filter_clear() function. This function frees a memory region (the uuids array) and subsequently sets the pointer to NULL. A race condition can occur in which the memory is freed again before the pointer is set to NULL, leading to a double free. This can occur during service discovery initiated by start_service_discovery(). The vulnerability is triggered by concurrent calls to hci_discovery_filter_clear() from different contexts, potentially leading to kernel crashes as demonstrated by the provided backtrace.
Recommendations:
Update to Linux kernel version 6.12.19-kernel or later to address this issue.
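The free-then-NULL race from the description, replayed as a deterministic user-space C model. This is an added example, not kernel code and not the upstream patch; every name in it (struct filter, model_free, racy_read, racy_finish, safe_clear) is hypothetical, and the atomic exchange is one general way to close such a window, not a statement of how the kernel fix works.

```c
#include <stdatomic.h>
#include <stdlib.h>

/* User-space model with hypothetical names; not kernel code. */
struct filter { _Atomic(void *) uuids; };  /* models the uuids array pointer */
static int free_calls;                     /* times a live pointer was "freed" */

/* Stand-in for kfree(): counts calls instead of corrupting the heap. */
static void model_free(void *p) { if (p) free_calls++; }

/* Racy pattern, split in two so a bad interleaving can be replayed. */
static void *racy_read(struct filter *f) { return atomic_load(&f->uuids); }
static void racy_finish(struct filter *f, void *seen)
{
    model_free(seen);               /* free what this context read earlier */
    atomic_store(&f->uuids, NULL);  /* the pointer is cleared only now */
}

/* Hardened: swap NULL in atomically so one caller alone owns the buffer. */
static void safe_clear(struct filter *f) { model_free(atomic_exchange(&f->uuids, NULL)); }

/* Fresh filter holding a constructed 16-byte sample buffer. */
static void *setup(struct filter *f)
{
    void *buf = malloc(16);
    atomic_init(&f->uuids, buf);
    free_calls = 0;
    return buf;
}

/* Contexts A and B both read the pointer before either clears it. */
static int replay_racy(void)
{
    struct filter f; void *buf = setup(&f);
    void *a = racy_read(&f), *b = racy_read(&f);
    racy_finish(&f, a);
    racy_finish(&f, b);             /* second free of the same buffer */
    free(buf);                      /* the one real release */
    return free_calls;
}

static int replay_safe(void)
{
    struct filter f; void *buf = setup(&f);
    safe_clear(&f);                 /* context A takes the buffer */
    safe_clear(&f);                 /* context B gets NULL, frees nothing */
    free(buf);
    return free_calls;
}

int main(void) { return !(replay_racy() == 2 && replay_safe() == 1); }
```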
Exploit
Fix
DoS
Double Free
NULL Pointer Dereference
Affected products
Astra Linux
Debian
Linux Mint
Linux Kernel
RED OS
Suse
Ubuntu