216.73.217.19

CVE-2025-40283

· Published 06/12/2025 22:15 · Modified 08/12/2025 18:26

Labels: CVE-2025-40283 2025-12-06416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2025-40283

Essential information

Published
06/12/2025 22:15
Modified
08/12/2025 18:26
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF There is a KASAN: slab-use-after-free read in btusb_disconnect(). Calling "usb_driver_release_interface(&btusb_driver, data->intf)" will free the btusb data associated with the interface. The same data is then used later in the function, hence the UAF. Fix by moving the accesses to btusb data to before the data is free'd.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References