PT-2025-49441 · Linux+3 · Linux Kernel+3

Published

2025-09-27

·

Updated

2026-05-26

·

CVE-2025-40309

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc5-g717368f83676 #4
Description The Linux kernel contains a use-after-free issue within the Bluetooth Subclass Offset (SCO) component. This flaw is related to improper handling of memory freeing during SCO connection management, specifically within the sco conn free function. The issue manifests as a slab-use-after-free condition, potentially leading to system instability or other undefined behavior. The vulnerability is triggered during the handling of Bluetooth connections and can occur when a connection is unexpectedly released while still in use.
Recommendations Update to a version newer than 6.17.0-rc5-g717368f83676 #4.

Exploit

Fix

Buffer Overflow

Use After Free

Weakness Enumeration

CWE-119CWE-416

Related Identifiers

BDU:2026-01313
CVE-2025-40309
DLA-4404-1
ECHO-DB35-C03E-F270
MGASA-2026-0017
MGASA-2026-0018
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:1447-1
SUSE-SU-2026:1456-1
SUSE-SU-2026:1458-1
SUSE-SU-2026:1463-1
SUSE-SU-2026:1468-1
SUSE-SU-2026:1505-1
SUSE-SU-2026:1513-1
SUSE-SU-2026:1532-1
SUSE-SU-2026:1583-1
SUSE-SU-2026:1613-1
SUSE-SU-2026:1631-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
SUSE-SU-2026:21268-1
SUSE-SU-2026:21269-1
SUSE-SU-2026:21270-1
SUSE-SU-2026:21278-1
SUSE-SU-2026:21279-1
SUSE-SU-2026:21293-1
SUSE-SU-2026:21294-1
SUSE-SU-2026:21295-1
SUSE-SU-2026:21296-1
SUSE-SU-2026:21297-1
SUSE-SU-2026:21298-1
SUSE-SU-2026:21299-1
SUSE-SU-2026:21300-1
SUSE-SU-2026:21302-1
SUSE-SU-2026:21305-1
SUSE-SU-2026:21306-1
SUSE-SU-2026:21307-1
SUSE-SU-2026:21308-1
SUSE-SU-2026:21309-1
SUSE-SU-2026:21310-1
SUSE-SU-2026:21311-1
SUSE-SU-2026:21312-1
SUSE-SU-2026:21313-1
SUSE-SU-2026:21316-1
SUSE-SU-2026:21322-1
SUSE-SU-2026:21323-1
SUSE-SU-2026:21324-1
SUSE-SU-2026:21325-1
SUSE-SU-2026:21326-1
SUSE-SU-2026:21327-1
SUSE-SU-2026:21328-1
SUSE-SU-2026:21329-1
SUSE-SU-2026:21330-1
SUSE-SU-2026:21333-1
SUSE-SU-2026:21334-1
SUSE-SU-2026:21335-1
SUSE-SU-2026:21336-1
SUSE-SU-2026:21337-1
SUSE-SU-2026:21338-1
SUSE-SU-2026:21339-1
SUSE-SU-2026:21340-1
SUSE-SU-2026:21341-1
SUSE-SU-2026:21343-1
SUSE-SU-2026:21349-1
SUSE-SU-2026:21385-1
SUSE-SU-2026:21386-1
SUSE-SU-2026:21402-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8100-1
USN-8116-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu