CVE-2025-71082

HIGH · EPSS 2.2%
7.8 CVSS 3.1 (High)
Published Jan 13, 2026 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btusb: revert use of devm_kzalloc in btusb

This reverts commit 98921dbd00c4e ("Bluetooth: Use devm_kzalloc in btusb.c file").

In btusb_probe(), we use devm_kzalloc() to allocate the btusb data. This ties the lifetime of all the btusb data to the binding of a driver to one interface, INTF. In a driver that binds to other interfaces, ISOC and DIAG, this is an accident waiting to happen.

The issue is revealed in btusb_disconnect(), where calling usb_driver_release_interface(&btusb_driver, data->intf) will have devm free the data that is also being used by the other interfaces of the driver that may not be released yet.

To fix this, revert the use of devm and go back to freeing memory explicitly.
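The lifetime problem described above can be reproduced as a small user-space model. This is an added example, not code from the kernel or from the fix; every struct and function name in it is hypothetical, and it only counts stale users instead of touching freed memory.

```c
/* User-space model of the lifetime bug; not kernel code. All names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

struct data_model { int unused; };   /* stands in for the btusb data */

struct intf_model {                  /* stands in for one USB interface */
    bool bound;                      /* driver still bound to this interface */
    struct data_model *drvdata;      /* shared data this interface uses */
    struct data_model *devres;       /* devm-style allocation owned by this binding */
};

static bool data_freed;              /* set once the shared data has been freed */

/* Models releasing an interface: unbinding frees that binding's devm resources. */
static void release_interface(struct intf_model *i)
{
    i->bound = false;
    i->drvdata = NULL;
    if (i->devres) {
        free(i->devres);
        i->devres = NULL;
        data_freed = true;
    }
}

/* Releases INTF first and returns how many other interfaces are still bound
 * while the shared data is already freed (each one is a use-after-free risk). */
static int stale_users_on_disconnect(bool use_devm)
{
    struct data_model *data = calloc(1, sizeof(*data));
    struct intf_model intf = { true, data, use_devm ? data : NULL };
    struct intf_model isoc = { true, data, NULL };
    struct intf_model diag = { true, data, NULL };
    int stale;

    if (!data) return -1;
    data_freed = false;
    release_interface(&intf);        /* devm variant frees the data here */
    stale = data_freed ? (isoc.bound + diag.bound) : 0;
    release_interface(&isoc);
    release_interface(&diag);
    if (!use_devm) free(data);       /* explicit free after every user is gone */
    return stale;
}

int main(void)
{
    printf("devm tied to INTF: %d\n", stale_users_on_disconnect(true));
    printf("explicit free:     %d\n", stale_users_on_disconnect(false));
    return 0;
}
```

With the allocation tied to INTF, both ISOC and DIAG are left holding a pointer to freed data; with the explicit free placed after all three releases, none are.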

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 14

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥3.7.1 – <5.15.198
linux   linux_kernel  *        ≥5.16 – <6.1.160
linux   linux_kernel  *        ≥6.2 – <6.6.120
linux   linux_kernel  *        ≥6.7 – <6.12.64
linux   linux_kernel  *        ≥6.13 – <6.18.4
linux   linux_kernel  3.7      any
linux   linux_kernel  6.19     any
linux   linux_kernel  6.19     any
linux   linux_kernel  6.19     any
linux   linux_kernel  6.19     any
linux   linux_kernel  6.19     any
linux   linux_kernel  6.19     any
linux   linux_kernel  6.19     any
linux   linux_kernel  6.19     any

References 6

  • git.kernel.org https://git.kernel.org/stable/c/1e54c19eaf84ba652c4e376571093e58e144b339
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/252714f1e8bdd542025b16321c790458014d6880
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c0ecb3e4451fe94f4315e6d09c4046dfbc42090b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cca0e9206e3bcc63cd3e72193e60149165d493cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fdf7c640fb8a44a59b0671143d8c2f738bc48003
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fff9206b0907252a41eb12b7c1407b9347df18b1
    Patch
