PT-2025-8835 · Linux+7 · Linux Kernel+7

Syzbot

·

Published

2025-01-15

·

Updated

2026-05-26

·

CVE-2024-58013

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0
Description A slab-use-after-free read issue has been identified in the Linux kernel's Bluetooth management functionality, specifically in the mgmt remove adv monitor sync function. This issue can cause a system crash. The problem arises from the incorrect handling of memory allocation and deallocation in the mgmt pending new and mgmt pending foreach functions.
Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the slab-use-after-free read issue in the Bluetooth management functionality. As a temporary workaround, consider disabling Bluetooth functionality until a patch is available. Restrict access to the vulnerable mgmt remove adv monitor sync function to minimize the risk of exploitation. Avoid using the hci cmd sync work function in the affected API endpoint until the issue is resolved.

Exploit

Fix

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:20095
ALT-PU-2025-12647
AZL-59052
BDU:2025-12083
CVE-2024-58013
DLA-4102-1
OESA-2025-1446
OESA-2025-1450
OPENSUSE-SU-2025_1177-1
OPENSUSE-SU-2025_1178-1
OPENSUSE-SU-2025_1180-1
RHSA-2025:20095
SUSE-SU-2025:01839-1
SUSE-SU-2025:01840-1
SUSE-SU-2025:01851-1
SUSE-SU-2025:01853-1
SUSE-SU-2025:01869-1
SUSE-SU-2025:01873-1
SUSE-SU-2025:01875-1
SUSE-SU-2025:01893-1
SUSE-SU-2025:01894-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01930-1
SUSE-SU-2025:01932-1
SUSE-SU-2025:01944-1
SUSE-SU-2025:01948-1
SUSE-SU-2025:01957-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1177-1
SUSE-SU-2025:1178-1
SUSE-SU-2025:1180-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025:20381-1
SUSE-SU-2025:20382-1
SUSE-SU-2025:20383-1
SUSE-SU-2025:20384-1
SUSE-SU-2025:20386-1
SUSE-SU-2025:20387-1
SUSE-SU-2025:20388-1
SUSE-SU-2025:20389-1
SUSE-SU-2025:20397-1
SUSE-SU-2025:20398-1
SUSE-SU-2025:20399-1
SUSE-SU-2025:20400-1
SUSE-SU-2025:20401-1
SUSE-SU-2025:20402-1
SUSE-SU-2025_1177-1
SUSE-SU-2025_1178-1
SUSE-SU-2025_1180-1
SUSE-SU-2025_1241-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7651-1
USN-7651-2
USN-7651-3
USN-7651-4
USN-7651-5
USN-7651-6
USN-7652-1
USN-7653-1
USN-7737-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu