-

CVE-2025-40141

EPSS 0.03%
Veröffentlicht 12.11.2025 10:23:24
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

Bluetooth: ISO: Fix possible UAF on iso_conn_free

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: ISO: Fix possible UAF on iso_conn_free

This attempt to fix similar issue to sco_conn_free where if the
conn->sk is not set to NULL may lead to UAF on iso_conn_free.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

CNA 2 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version ccf74f2390d60a2f9a75ef496d2564abb478f46a

Version < eba6d787ec117a5d2c60f9644e0a39c18542b6be

Status affected

Version ccf74f2390d60a2f9a75ef496d2564abb478f46a

Version < 5319145a07d8bf5b0782b25cb3115825689d42bb

Status affected

Version ccf74f2390d60a2f9a75ef496d2564abb478f46a

Version < 80689777919f02328eb873769de4647c9dd3e371

Status affected

Version ccf74f2390d60a2f9a75ef496d2564abb478f46a

Version < c92ad1a155ccfa38b87bd1d998287e1c0a24248d

Status affected

Version ccf74f2390d60a2f9a75ef496d2564abb478f46a

Version < 9950f095d6c875dbe0c9ebfcf972ec88fdf26fc8

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.0

Status affected

Version 0

Version < 6.0

Status unaffected

Version <= 6.1.*

Version 6.1.156

Status unaffected

Version <= 6.6.*

Version 6.6.112

Status unaffected

Version <= 6.12.*

Version 6.12.53

Status unaffected

Version <= 6.17.*

Version 6.17.3

Status unaffected

Version <= *

Version 6.18

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.084

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/eba6d787ec117a5d2c60f9644e0a39c18542b6be

https://git.kernel.org/stable/c/5319145a07d8bf5b0782b25cb3115825689d42bb

https://git.kernel.org/stable/c/80689777919f02328eb873769de4647c9dd3e371

https://git.kernel.org/stable/c/c92ad1a155ccfa38b87bd1d998287e1c0a24248d

https://git.kernel.org/stable/c/9950f095d6c875dbe0c9ebfcf972ec88fdf26fc8

https://nvd.nist.gov/vuln/detail/CVE-2025-40141

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40141

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40141

EUVD