PT-2025-27704 · Linux+6 · Linux Kernel+6

Published: 2025-06-03 · Updated: 2026-05-26 · CVE-2025-38118

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0
Description: A use-after-free vulnerability has been identified in the Linux kernel's Bluetooth management functionality. The issue arises from the `mgmt_remove_adv_monitor_complete` function, which can lead to crashes. The vulnerability is caused by the use of `mgmt_pending_add` in `MGMT_OP_REMOVE_ADV_MONITOR`, resulting in a slab-use-after-free error. This vulnerability can be exploited, but no specific details about real-world incidents or the number of potentially affected devices are provided.
Recommendations: For Linux kernel versions prior to 6.15.0, update to version 6.15.0 or later to resolve the issue. As a temporary workaround, consider disabling the Bluetooth management functionality until a patch is available. Restrict access to the vulnerable `mgmt_remove_adv_monitor_complete` function to minimize the risk of exploitation. Avoid using the `mgmt_pending_add` function in the affected Bluetooth management API endpoint until the issue is resolved.

Exploit

Fix

DoS

Use After Free

Weakness Enumeration

Related Identifiers

AZL-64502
AZL-72719
BDU:2025-09003
CVE-2025-38118
DLA-4328-1
DSA-5973-1
ECHO-3EA4-C9B1-82E0
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1823
OESA-2025-1824
OESA-2025-1870
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-7861-1
USN-7861-2
USN-7861-3
USN-7861-4
USN-7861-5
USN-7864-1
USN-7935-1
USN-7940-1
USN-7940-2

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu