SB2025120863 - Use-after-free in Linux kernel bluetooth
Published: December 8, 2025
Security Bulletin ID
SB2025120863
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2025-40309)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sco_sock_kill() function in net/bluetooth/sco.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/03371c0218189b185595b65a04dad60076ca9718
- https://git.kernel.org/stable/c/391f83547b7b2c63e4b572ab838e10a06cfa4425
- https://git.kernel.org/stable/c/57707135755bd78b1fe5acaebb054fba4739e14c
- https://git.kernel.org/stable/c/c17caff1062ca91ebac44bfd01d2fb3d99dc0e23
- https://git.kernel.org/stable/c/c419674cc74309ffaabc591e7200efb49a18fccd
- https://git.kernel.org/stable/c/d2850f037c2ae75882d68ae654d546ff5c0f678c
- https://git.kernel.org/stable/c/ecb9a843be4d6fd710d7026e359f21015a062572
- https://git.kernel.org/stable/c/ed10dddc7df2daaf2a4d98a972aac5183e738cc0