PT-2025-42257 · Linux+5 · Linux Kernel+5

Published

2025-10-15

·

Updated

2026-05-07

·

CVE-2025-39982

CVSS v2.0

7.7

High

VectorAV:A/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc7
Description The Linux kernel contains a use-after-free issue within the Bluetooth stack, specifically in the hci acl create conn sync function. This flaw occurs when a connection is pending command submission and is freed prematurely. The issue is related to handling Bluetooth connections and can lead to system instability or potential code execution. The vulnerability is triggered during the handling of HCI ACL (Asynchronous Connection-Less) packets. The root cause is a race condition where a connection object is freed while still being used. The vulnerability is present in the handling of HCI events and can be triggered through the hci connect acl function.
Recommendations Update the Linux kernel to version 6.16.0-rc7 or later.

Exploit

Fix

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:22854
AZL-68522
BDU:2026-02765
CVE-2025-39982
DLA-4379-1
DSA-6053-1
ECHO-2733-78D1-24D8
INFSA-2025_21469
MGASA-2025-0309
MGASA-2025-0310
OESA-2025-2551
OESA-2025-2552
OESA-2025-2556
OPENSUSE-SU-2025:20091-1
RHSA-2025_21469
RHSA-2026:0271
RHSA-2026:0489
RHSA-2026:0534
RHSA-2026:0535
RHSA-2026:0537
RHSA-2026:0576
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:21080-1
SUSE-SU-2025:21147-1
SUSE-SU-2025:21180-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu