CVE-2025-40283

NONE EPSS 8.1%
Published Dec 6, 2025 (6mo ago)
Last Modified Jun 17, 2026 (1w ago)

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF

There is a KASAN: slab-use-after-free read in btusb_disconnect(). Calling "usb_driver_release_interface(&btusb_driver, data->intf)" will free the btusb data associated with the interface. The same data is then used later in the function, hence the UAF.

Fix by moving the accesses to btusb data to before the data is freed.

Threat Intelligence

EPSS Exploit Probability
8.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/1c28c1e1522c773a94e26950ffb145e88cd9834b
  • git.kernel.org https://git.kernel.org/stable/c/23d22f2f71768034d6ef86168213843fc49bf550
  • git.kernel.org https://git.kernel.org/stable/c/297dbf87989e09af98f81f2bcb938041785557e8
  • git.kernel.org https://git.kernel.org/stable/c/5dc00065a0496c36694afe11e52a5bc64524a9b8
  • git.kernel.org https://git.kernel.org/stable/c/7a6d1e740220ff9dfcb6a8c994d6ba49e76db198
  • git.kernel.org https://git.kernel.org/stable/c/95b9b98c93b1c0916a3d4cf4540b7f5d69145a0d
  • git.kernel.org https://git.kernel.org/stable/c/a2610ecd9fd5708be8997ca8f033e4200c0bb6af
  • git.kernel.org https://git.kernel.org/stable/c/f858f004bc343a7ae9f2533bbb2a3ab27428532f

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.