[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-39981":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":14,"duplicates":89,"related":90,"reserved_at":9,"published_at":107,"modified_at":108,"state":109,"summary":110,"references_raw":114,"kevs":133,"epss":134,"epss_history":137,"metrics":405,"affected":406},"CVE-2025-39981","In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix possible UAFs\n\nThis attemps to fix possible UAFs caused by struct mgmt_pending being\nfreed while still being processed like in the following trace, in order\nto fix mgmt_pending_valid is introduce and use to check if the\nmgmt_pending hasn't been removed from the pending list, on the complete\ncallbacks it is used to check and in addtion remove the cmd from the list\nwhile holding mgmt_pending_lock to avoid TOCTOU problems since if the cmd\nis left on the list it can still be accessed and freed.\n\nBUG: KASAN: slab-use-after-free in mgmt_add_adv_patterns_monitor_sync+0x35/0x50 net/bluetooth/mgmt.c:5223\nRead of size 8 at addr ffff8880709d4dc0 by task kworker/u11:0/55\n\nCPU: 0 UID: 0 PID: 55 Comm: kworker/u11:0 Not tainted 6.16.4 #2 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003CTASK>\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n mgmt_add_adv_patterns_monitor_sync+0x35/0x50 net/bluetooth/mgmt.c:5223\n hci_cmd_sync_work+0x210/0x3a0 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x711/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 home/kwqcheii/source/fuzzing/kernel/kasan/linux-6.16.4/arch/x86/entry/entry_64.S:245\n \u003C/TASK>\n\nAllocated by task 12210:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4364\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n mgmt_pending_new+0x65/0x1e0 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x35/0x140 net/bluetooth/mgmt_util.c:296\n __add_adv_patterns_monitor+0x130/0x200 net/bluetooth/mgmt.c:5247\n add_adv_patterns_monitor+0x214/0x360 net/bluetooth/mgmt.c:5364\n hci_mgmt_cmd+0x9c9/0xef0 net/bluetooth/hci_sock.c:1719\n hci_sock_sendmsg+0x6ca/0xef0 net/bluetooth/hci_sock.c:1839\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:729\n sock_write_iter+0x258/0x330 net/socket.c:1133\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x5c9/0xb30 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 12221:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2381 [inline]\n slab_free mm/slub.c:4648 [inline]\n kfree+0x18e/0x440 mm/slub.c:4847\n mgmt_pending_free net/bluetooth/mgmt_util.c:311 [inline]\n mgmt_pending_foreach+0x30d/0x380 net/bluetooth/mgmt_util.c:257\n __mgmt_power_off+0x169/0x350 net/bluetooth/mgmt.c:9444\n hci_dev_close_sync+0x754/0x1330 net/bluetooth/hci_sync.c:5290\n hci_dev_do_close net/bluetooth/hci_core.c:501 [inline]\n hci_dev_close+0x108/0x200 net/bluetooth/hci_core.c:526\n sock_do_ioctl+0xd9/0x300 net/socket.c:1192\n sock_ioctl+0x576/0x790 net/socket.c:1313\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf\n---truncated---",null,[],[],[],[],[15,17,19,21,23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87],{"_key":16},"SUSE-SU-2025:4057-1",{"_key":18},"SUSE-SU-2025:4132-1",{"_key":20},"SUSE-SU-2025:4320-1",{"_key":22},"SUSE-SU-2025:4128-1",{"_key":24},"SUSE-SU-2025:4301-1",{"_key":26},"SUSE-SU-2025:21040-1",{"_key":28},"SUSE-SU-2025:21052-1",{"_key":30},"SUSE-SU-2025:21056-1",{"_key":32},"SUSE-SU-2025:21064-1",{"_key":34},"SUSE-SU-2025:21080-1",{"_key":36},"SUSE-SU-2025:21147-1",{"_key":38},"SUSE-SU-2025:21180-1",{"_key":40},"SUSE-SU-2025:4141-1",{"_key":42},"SUSE-SU-2025:4149-1",{"_key":44},"SUSE-SU-2025:4140-1",{"_key":46},"OPENSUSE-SU-2025:20091-1",{"_key":48},"DEBIAN-CVE-2025-39981",{"_key":50},"USN-8095-1",{"_key":52},"USN-8095-2",{"_key":54},"USN-8095-3",{"_key":56},"USN-8095-4",{"_key":58},"USN-8095-5",{"_key":60},"USN-8100-1",{"_key":62},"USN-8125-1",{"_key":64},"USN-8165-1",{"_key":66},"USN-8126-1",{"_key":68},"RHSA-2025:22405",{"_key":70},"RHSA-2025:22854",{"_key":72},"RHSA-2026:0271",{"_key":74},"RHSA-2026:0457",{"_key":76},"RHSA-2026:10108",{"_key":78},"RHSA-2026:9512",{"_key":80},"RHSA-2026:9644",{"_key":82},"UBUNTU-CVE-2025-39981",{"_key":84},"USN-8261-1",{"_key":86},"RHSA-2026:21706",{"_key":88},"RHSA-2026:21745",[],[91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106],{"_key":16},{"_key":18},{"_key":20},{"_key":22},{"_key":24},{"_key":26},{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},"2025-10-15T07:56:00.959Z","2026-05-17T15:21:12.917Z","Deferred",{"cisa_kev":111,"cisa_ransomware":111,"cisa_vendor":9,"epss_severity":112,"epss_score":113,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":109},false,"low",0.00032,[115,121,125,129],{"url":116,"sources":117,"tags":120},"https://git.kernel.org/stable/c/d71b98f253b079cbadc83266383f26fe7e9e103b",[118,119],"cve.org","nvd",[],{"url":122,"sources":123,"tags":124},"https://git.kernel.org/stable/c/87a1f16f07c6c43771754075e08f45b41d237421",[118,119],[],{"url":126,"sources":127,"tags":128},"https://git.kernel.org/stable/c/302a1f674c00dd5581ab8e493ef44767c5101aab",[118,119],[],{"url":130,"sources":131,"tags":132},"https://git.kernel.org/stable/c/0b60eb04b8524e1b4b3f07fea0d16fda9a677d9a",[118,119],[],[],{"date":135,"score":113,"percentile":136},"2026-06-04",0.09586,[138,142,145,148,151,154,157,160,163,166,169,172,175,179,182,185,188,191,194,197,200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,288,291,294,297,300,303,306,309,312,315,318,321,324,326,328,331,334,337,340,343,346,348,351,354,357,360,362,365,368,370,373,376,378,381,384,387,390,393,396,399,402],{"date":139,"score":140,"percentile":141},"2025-11-04",0.00024,0.05223,{"date":143,"score":140,"percentile":144},"2025-11-05",0.05226,{"date":146,"score":140,"percentile":147},"2025-11-06",0.05341,{"date":149,"score":140,"percentile":150},"2025-11-07",0.05352,{"date":152,"score":140,"percentile":153},"2025-11-08",0.05344,{"date":155,"score":140,"percentile":156},"2025-11-09",0.05345,{"date":158,"score":140,"percentile":159},"2025-11-10",0.0532,{"date":161,"score":140,"percentile":162},"2025-11-11",0.05349,{"date":164,"score":140,"percentile":165},"2025-11-12",0.05362,{"date":167,"score":140,"percentile":168},"2025-11-13",0.05378,{"date":170,"score":140,"percentile":171},"2025-11-14",0.05416,{"date":173,"score":140,"percentile":174},"2025-11-15",0.05443,{"date":176,"score":177,"percentile":178},"2025-11-16",0.00026,0.06249,{"date":180,"score":177,"percentile":181},"2025-11-17",0.06239,{"date":183,"score":177,"percentile":184},"2025-11-18",0.0373,{"date":186,"score":177,"percentile":187},"2025-11-19",0.03783,{"date":189,"score":177,"percentile":190},"2025-11-20",0.0385,{"date":192,"score":177,"percentile":193},"2025-11-21",0.06359,{"date":195,"score":177,"percentile":196},"2025-11-22",0.06311,{"date":198,"score":177,"percentile":199},"2025-11-23",0.06289,{"date":201,"score":140,"percentile":202},"2025-11-24",0.05306,{"date":204,"score":140,"percentile":205},"2025-11-25",0.05309,{"date":207,"score":140,"percentile":208},"2025-11-26",0.05339,{"date":210,"score":140,"percentile":211},"2025-11-27",0.05356,{"date":213,"score":140,"percentile":214},"2025-11-28",0.05336,{"date":216,"score":140,"percentile":217},"2025-11-29",0.05382,{"date":219,"score":140,"percentile":220},"2025-11-30",0.05377,{"date":222,"score":140,"percentile":223},"2025-12-01",0.05465,{"date":225,"score":140,"percentile":226},"2025-12-02",0.05481,{"date":228,"score":140,"percentile":229},"2025-12-03",0.05504,{"date":231,"score":140,"percentile":232},"2025-12-04",0.05457,{"date":234,"score":140,"percentile":235},"2025-12-05",0.05521,{"date":237,"score":140,"percentile":238},"2025-12-06",0.05533,{"date":240,"score":140,"percentile":241},"2025-12-07",0.05531,{"date":243,"score":140,"percentile":244},"2025-12-08",0.05528,{"date":246,"score":140,"percentile":247},"2025-12-09",0.05572,{"date":249,"score":140,"percentile":250},"2025-12-10",0.05638,{"date":252,"score":140,"percentile":253},"2025-12-11",0.05636,{"date":255,"score":140,"percentile":256},"2025-12-12",0.05666,{"date":258,"score":140,"percentile":259},"2025-12-13",0.05703,{"date":261,"score":140,"percentile":262},"2025-12-14",0.0568,{"date":264,"score":140,"percentile":265},"2025-12-15",0.05671,{"date":267,"score":140,"percentile":268},"2025-12-16",0.05689,{"date":270,"score":140,"percentile":271},"2025-12-17",0.05752,{"date":273,"score":140,"percentile":274},"2025-12-18",0.0579,{"date":276,"score":140,"percentile":277},"2025-12-19",0.05782,{"date":279,"score":140,"percentile":280},"2025-12-20",0.05777,{"date":282,"score":140,"percentile":283},"2025-12-21",0.05766,{"date":285,"score":286,"percentile":287},"2025-12-22",0.00025,0.06104,{"date":289,"score":286,"percentile":290},"2025-12-23",0.06116,{"date":292,"score":286,"percentile":293},"2025-12-24",0.06148,{"date":295,"score":286,"percentile":296},"2025-12-25",0.06198,{"date":298,"score":286,"percentile":299},"2025-12-26",0.06187,{"date":301,"score":286,"percentile":302},"2025-12-27",0.06186,{"date":304,"score":286,"percentile":305},"2025-12-28",0.06181,{"date":307,"score":286,"percentile":308},"2025-12-29",0.06167,{"date":310,"score":286,"percentile":311},"2025-12-30",0.06149,{"date":313,"score":286,"percentile":314},"2025-12-31",0.06209,{"date":316,"score":286,"percentile":317},"2026-01-01",0.06275,{"date":319,"score":286,"percentile":320},"2026-01-02",0.06269,{"date":322,"score":286,"percentile":323},"2026-01-03",0.0625,{"date":325,"score":286,"percentile":308},"2026-01-04",{"date":327,"score":286,"percentile":290},"2026-01-05",{"date":329,"score":286,"percentile":330},"2026-01-06",0.06123,{"date":332,"score":286,"percentile":333},"2026-01-07",0.06144,{"date":335,"score":286,"percentile":336},"2026-01-08",0.06202,{"date":338,"score":286,"percentile":339},"2026-01-09",0.06199,{"date":341,"score":286,"percentile":342},"2026-01-10",0.062,{"date":344,"score":286,"percentile":345},"2026-01-11",0.06207,{"date":347,"score":286,"percentile":302},"2026-01-12",{"date":349,"score":286,"percentile":350},"2026-01-13",0.06173,{"date":352,"score":286,"percentile":353},"2026-01-14",0.06224,{"date":355,"score":286,"percentile":356},"2026-01-15",0.06231,{"date":358,"score":286,"percentile":359},"2026-01-16",0.06242,{"date":361,"score":286,"percentile":178},"2026-01-17",{"date":363,"score":286,"percentile":364},"2026-01-18",0.06247,{"date":366,"score":286,"percentile":367},"2026-01-19",0.06228,{"date":369,"score":286,"percentile":302},"2026-01-20",{"date":371,"score":286,"percentile":372},"2026-01-21",0.06179,{"date":374,"score":286,"percentile":375},"2026-01-22",0.06147,{"date":377,"score":286,"percentile":345},"2026-01-23",{"date":379,"score":286,"percentile":380},"2026-01-24",0.06244,{"date":382,"score":286,"percentile":383},"2026-01-25",0.06192,{"date":385,"score":286,"percentile":386},"2026-01-26",0.06177,{"date":388,"score":286,"percentile":389},"2026-01-27",0.06155,{"date":391,"score":286,"percentile":392},"2026-01-28",0.06131,{"date":394,"score":286,"percentile":395},"2026-01-29",0.06137,{"date":397,"score":286,"percentile":398},"2026-01-30",0.06139,{"date":400,"score":286,"percentile":401},"2026-01-31",0.06125,{"date":403,"score":286,"percentile":404},"2026-02-01",0.06166,[],[407],{"ecosystem":9,"name":408,"vendor":409,"product":409,"cpe_part":410,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":411},"Linux","linux","a",[412,419,422,425,428],{"version":413,"is_range":414,"range_type":118,"version_start":415,"version_start_type":416,"version_end":417,"version_end_type":418,"fixed_in":9},">= cf75ad8b41d2aa06f98f365d42a3ae8b059daddd, \u003C 0b60eb04b8524e1b4b3f07fea0d16fda9a677d9a",true,"cf75ad8b41d2aa06f98f365d42a3ae8b059daddd","including","0b60eb04b8524e1b4b3f07fea0d16fda9a677d9a","excluding",{"version":420,"is_range":414,"range_type":118,"version_start":415,"version_start_type":416,"version_end":421,"version_end_type":418,"fixed_in":9},">= cf75ad8b41d2aa06f98f365d42a3ae8b059daddd, \u003C d71b98f253b079cbadc83266383f26fe7e9e103b","d71b98f253b079cbadc83266383f26fe7e9e103b",{"version":423,"is_range":414,"range_type":118,"version_start":415,"version_start_type":416,"version_end":424,"version_end_type":418,"fixed_in":9},">= cf75ad8b41d2aa06f98f365d42a3ae8b059daddd, \u003C 87a1f16f07c6c43771754075e08f45b41d237421","87a1f16f07c6c43771754075e08f45b41d237421",{"version":426,"is_range":414,"range_type":118,"version_start":415,"version_start_type":416,"version_end":427,"version_end_type":418,"fixed_in":9},">= cf75ad8b41d2aa06f98f365d42a3ae8b059daddd, \u003C 302a1f674c00dd5581ab8e493ef44767c5101aab","302a1f674c00dd5581ab8e493ef44767c5101aab",{"version":429,"is_range":111,"range_type":118,"version_start":429,"version_start_type":416,"version_end":429,"version_end_type":416,"fixed_in":9},"5.17"]