CVE-2025-40141

Linux Kernel 6.0.0-6.17.2 - Use-After-Free in Bluetooth ISO Connection

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix possible UAF on iso_conn_free This attempt to fix similar issue to sco_conn_free where if the conn->sk is not set to NULL may lead to UAF on iso_conn_free.

Scores

EPSS 0.0020
EPSS Percentile 9.6%

Details

Status published
Products (16)
linux/Kernel 6.0.0 - 6.1.156linux
linux/Kernel 6.13.0 - 6.17.3linux
linux/Kernel 6.2.0 - 6.6.112linux
linux/Kernel 6.7.0 - 6.12.53linux
Linux/Linux < 6.0
Linux/Linux 6.0
Linux/Linux 6.1.156 - 6.1.*
Linux/Linux 6.12.53 - 6.12.*
Linux/Linux 6.17.3 - 6.17.*
Linux/Linux 6.18
... and 6 more
Published Nov 12, 2025
Tracked Since Feb 18, 2026