CVE-2025-40141

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: ISO: Fix possible UAF on iso_conn_free

This attempt to fix similar issue to sco_conn_free where if the conn->sk is not set to NULL may lead to UAF on iso_conn_free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < eba6d787ec117a5d2c60f9644e0a39c18542b6beaffected
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < 5319145a07d8bf5b0782b25cb3115825689d42bbaffected
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < 80689777919f02328eb873769de4647c9dd3e371affected
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < c92ad1a155ccfa38b87bd1d998287e1c0a24248daffected
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < 9950f095d6c875dbe0c9ebfcf972ec88fdf26fc8affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.156 <= 6.1.*unaffected
LinuxLinux6.6.112 <= 6.6.*unaffected
LinuxLinux6.12.53 <= 6.12.*unaffected
LinuxLinux6.17.3 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References