12 matches found
kernel: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync
A flaw was found in the Linux kernel’s Bluetooth subsystem HCI. Specifically, in the function hciaclcreateconnsync and related path hcilecreateconnsync, a connection object in state BTOPEN that is still pending command submission may be freed prematurely, leading to a use-after-free condition. An...
Linux Distros Unpatched Vulnerability : CVE-2025-39982
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission...
CVE-2025-39982
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...
Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync
...
EUVD-2025-34590
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...
AZL-68522 CVE-2025-39982 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...
UBUNTU-CVE-2025-39982
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...
CVE-2025-39982
CVE-2025-39982 is a Linux kernel Bluetooth (hci_event) UAF in hci_acl_create_conn_sync. The initial CVE description confirms a use-after-free in hci_acl_create_conn_sync that can occur while a pending connection is being submitted (conn->state == BT_OPEN) and is similarly implicated for hci_le...
PT-2025-42257
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc7 Description The Linux kernel contains a use-after-free issue within the Bluetooth stack, specifically in the hci acl create conn sync function. This flaw occurs when a connection is pending command...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a post-release reuse issue in hciaclcreateconnsync and hcilecreateconnsync, which could lead to memory...
EUVD-2013-5554
Malware in sbrugna...
SUSE CVE-2013-5717
The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service application crash via a crafted packet that is not properly handled by the wmemblockalloc function in...