[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-39982":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":14,"duplicates":91,"related":92,"reserved_at":9,"published_at":109,"modified_at":110,"state":111,"summary":112,"references_raw":116,"kevs":139,"epss":140,"epss_history":143,"metrics":413,"affected":414},"CVE-2025-39982","In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync\n\nThis fixes the following UFA in hci_acl_create_conn_sync where a\nconnection still pending is command submission (conn->state == BT_OPEN)\nmaybe freed, also since this also can happen with the likes of\nhci_le_create_conn_sync fix it as well:\n\nBUG: KASAN: slab-use-after-free in hci_acl_create_conn_sync+0x5ef/0x790 net/bluetooth/hci_sync.c:6861\nWrite of size 2 at addr ffff88805ffcc038 by task kworker/u11:2/9541\n\nCPU: 1 UID: 0 PID: 9541 Comm: kworker/u11:2 Not tainted 6.16.0-rc7 #3 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nWorkqueue: hci3 hci_cmd_sync_work\nCall Trace:\n \u003CTASK>\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x230 mm/kasan/report.c:480\n kasan_report+0x118/0x150 mm/kasan/report.c:593\n hci_acl_create_conn_sync+0x5ef/0x790 net/bluetooth/hci_sync.c:6861\n hci_cmd_sync_work+0x210/0x3a0 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x70e/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 home/kwqcheii/source/fuzzing/kernel/kasan/linux-6.16-rc7/arch/x86/entry/entry_64.S:245\n \u003C/TASK>\n\nAllocated by task 123736:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n __hci_conn_add+0x233/0x1b30 net/bluetooth/hci_conn.c:939\n hci_conn_add_unset net/bluetooth/hci_conn.c:1051 [inline]\n hci_connect_acl+0x16c/0x4e0 net/bluetooth/hci_conn.c:1634\n pair_device+0x418/0xa70 net/bluetooth/mgmt.c:3556\n hci_mgmt_cmd+0x9c9/0xef0 net/bluetooth/hci_sock.c:1719\n hci_sock_sendmsg+0x6ca/0xef0 net/bluetooth/hci_sock.c:1839\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n sock_write_iter+0x258/0x330 net/socket.c:1131\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x54b/0xa90 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 103680:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2381 [inline]\n slab_free mm/slub.c:4643 [inline]\n kfree+0x18e/0x440 mm/slub.c:4842\n device_release+0x9c/0x1c0\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x22b/0x480 lib/kobject.c:737\n hci_conn_cleanup net/bluetooth/hci_conn.c:175 [inline]\n hci_conn_del+0x8ff/0xcb0 net/bluetooth/hci_conn.c:1173\n hci_conn_complete_evt+0x3c7/0x1040 net/bluetooth/hci_event.c:3199\n hci_event_func net/bluetooth/hci_event.c:7477 [inline]\n hci_event_packet+0x7e0/0x1200 net/bluetooth/hci_event.c:7531\n hci_rx_work+0x46a/0xe80 net/bluetooth/hci_core.c:4070\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x70e/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 home/kwqcheii/sour\n---truncated---",null,[],[],[],[],[15,17,19,21,23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89],{"_key":16},"DLA-4379-1",{"_key":18},"DSA-6053-1",{"_key":20},"SUSE-SU-2025:4057-1",{"_key":22},"SUSE-SU-2025:4132-1",{"_key":24},"SUSE-SU-2025:4128-1",{"_key":26},"SUSE-SU-2025:4301-1",{"_key":28},"RHSA-2026:0489",{"_key":30},"SUSE-SU-2025:21040-1",{"_key":32},"SUSE-SU-2025:21052-1",{"_key":34},"SUSE-SU-2025:21056-1",{"_key":36},"SUSE-SU-2025:21064-1",{"_key":38},"SUSE-SU-2025:21080-1",{"_key":40},"SUSE-SU-2025:21147-1",{"_key":42},"SUSE-SU-2025:21180-1",{"_key":44},"SUSE-SU-2025:4141-1",{"_key":46},"SUSE-SU-2025:4140-1",{"_key":48},"OPENSUSE-SU-2025:20091-1",{"_key":50},"RHSA-2025:21469",{"_key":52},"MGASA-2025-0309",{"_key":54},"MGASA-2025-0310",{"_key":56},"RHSA-2026:0534",{"_key":58},"RHSA-2026:0535",{"_key":60},"DEBIAN-CVE-2025-39982",{"_key":62},"USN-8095-1",{"_key":64},"USN-8095-2",{"_key":66},"USN-8095-3",{"_key":68},"USN-8095-4",{"_key":70},"USN-8095-5",{"_key":72},"USN-8100-1",{"_key":74},"USN-8125-1",{"_key":76},"USN-8165-1",{"_key":78},"RHSA-2026:0537",{"_key":80},"RHSA-2026:0576",{"_key":82},"USN-8126-1",{"_key":84},"RHSA-2025:22854",{"_key":86},"RHSA-2026:0271",{"_key":88},"UBUNTU-CVE-2025-39982",{"_key":90},"USN-8261-1",[],[93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108],{"_key":20},{"_key":22},{"_key":24},{"_key":26},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":52},{"_key":54},"2025-10-15T07:56:02.024Z","2026-05-11T21:40:11.118Z","Deferred",{"cisa_kev":113,"cisa_ransomware":113,"cisa_vendor":9,"epss_severity":114,"epss_score":115,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":111},false,"low",0.00047,[117,123,127,131,135],{"url":118,"sources":119,"tags":122},"https://git.kernel.org/stable/c/6243bda271a628c48875e3e473206e7f584892ce",[120,121],"cve.org","nvd",[],{"url":124,"sources":125,"tags":126},"https://git.kernel.org/stable/c/bcce99f613163a43de24674b717e7a6c135fc879",[120,121],[],{"url":128,"sources":129,"tags":130},"https://git.kernel.org/stable/c/484c7d571a3d1b3fd298fa691b660438c4548a53",[120,121],[],{"url":132,"sources":133,"tags":134},"https://git.kernel.org/stable/c/a78fd4fc5694ecb3b97deb2ad9eaebd67b4d2b08",[120,121],[],{"url":136,"sources":137,"tags":138},"https://git.kernel.org/stable/c/9e622804d57e2d08f0271200606bd1270f75126f",[120,121],[],[],{"date":141,"score":115,"percentile":142},"2026-06-04",0.1482,[144,148,151,154,157,160,163,166,169,172,175,178,181,185,188,191,194,197,200,203,206,209,212,216,218,221,224,227,230,233,236,239,242,245,248,251,255,258,261,264,267,269,272,275,278,281,284,287,290,294,297,300,303,306,309,312,315,318,321,323,326,329,332,335,338,341,344,347,350,353,355,358,361,364,367,370,372,375,378,381,384,387,390,393,396,399,402,405,408,410],{"date":145,"score":146,"percentile":147},"2025-11-04",0.00024,0.04944,{"date":149,"score":146,"percentile":150},"2025-11-05",0.04947,{"date":152,"score":146,"percentile":153},"2025-11-06",0.05061,{"date":155,"score":146,"percentile":156},"2025-11-07",0.05067,{"date":158,"score":146,"percentile":159},"2025-11-08",0.05062,{"date":161,"score":146,"percentile":162},"2025-11-09",0.05066,{"date":164,"score":146,"percentile":165},"2025-11-10",0.05044,{"date":167,"score":146,"percentile":168},"2025-11-11",0.05082,{"date":170,"score":146,"percentile":171},"2025-11-12",0.05087,{"date":173,"score":146,"percentile":174},"2025-11-13",0.05114,{"date":176,"score":146,"percentile":177},"2025-11-14",0.05151,{"date":179,"score":146,"percentile":180},"2025-11-15",0.05175,{"date":182,"score":183,"percentile":184},"2025-11-16",0.00026,0.06045,{"date":186,"score":183,"percentile":187},"2025-11-17",0.06033,{"date":189,"score":183,"percentile":190},"2025-11-18",0.03598,{"date":192,"score":183,"percentile":193},"2025-11-19",0.03648,{"date":195,"score":183,"percentile":196},"2025-11-20",0.03715,{"date":198,"score":183,"percentile":199},"2025-11-21",0.06153,{"date":201,"score":183,"percentile":202},"2025-11-22",0.06102,{"date":204,"score":183,"percentile":205},"2025-11-23",0.06092,{"date":207,"score":183,"percentile":208},"2025-11-24",0.06071,{"date":210,"score":183,"percentile":211},"2025-11-25",0.06059,{"date":213,"score":214,"percentile":215},"2025-11-26",0.00045,0.13414,{"date":217,"score":214,"percentile":215},"2025-11-27",{"date":219,"score":214,"percentile":220},"2025-11-28",0.13393,{"date":222,"score":214,"percentile":223},"2025-11-29",0.13367,{"date":225,"score":214,"percentile":226},"2025-11-30",0.13374,{"date":228,"score":214,"percentile":229},"2025-12-01",0.13412,{"date":231,"score":214,"percentile":232},"2025-12-02",0.13431,{"date":234,"score":214,"percentile":235},"2025-12-03",0.13452,{"date":237,"score":214,"percentile":238},"2025-12-04",0.13423,{"date":240,"score":214,"percentile":241},"2025-12-05",0.13496,{"date":243,"score":214,"percentile":244},"2025-12-06",0.13512,{"date":246,"score":214,"percentile":247},"2025-12-07",0.13494,{"date":249,"score":214,"percentile":250},"2025-12-08",0.13506,{"date":252,"score":253,"percentile":254},"2025-12-09",0.00037,0.10752,{"date":256,"score":253,"percentile":257},"2025-12-10",0.10813,{"date":259,"score":253,"percentile":260},"2025-12-11",0.10843,{"date":262,"score":253,"percentile":263},"2025-12-12",0.10863,{"date":265,"score":253,"percentile":266},"2025-12-13",0.10867,{"date":268,"score":253,"percentile":263},"2025-12-14",{"date":270,"score":253,"percentile":271},"2025-12-15",0.10807,{"date":273,"score":253,"percentile":274},"2025-12-16",0.10791,{"date":276,"score":253,"percentile":277},"2025-12-17",0.1087,{"date":279,"score":253,"percentile":280},"2025-12-18",0.10918,{"date":282,"score":253,"percentile":283},"2025-12-19",0.10929,{"date":285,"score":253,"percentile":286},"2025-12-20",0.10927,{"date":288,"score":253,"percentile":289},"2025-12-21",0.10909,{"date":291,"score":292,"percentile":293},"2025-12-22",0.00039,0.11606,{"date":295,"score":292,"percentile":296},"2025-12-23",0.11605,{"date":298,"score":292,"percentile":299},"2025-12-24",0.11619,{"date":301,"score":292,"percentile":302},"2025-12-25",0.11687,{"date":304,"score":292,"percentile":305},"2025-12-26",0.11669,{"date":307,"score":292,"percentile":308},"2025-12-27",0.11684,{"date":310,"score":292,"percentile":311},"2025-12-28",0.11662,{"date":313,"score":292,"percentile":314},"2025-12-29",0.11611,{"date":316,"score":292,"percentile":317},"2025-12-30",0.11587,{"date":319,"score":292,"percentile":320},"2025-12-31",0.1163,{"date":322,"score":292,"percentile":305},"2026-01-01",{"date":324,"score":292,"percentile":325},"2026-01-02",0.11657,{"date":327,"score":292,"percentile":328},"2026-01-03",0.11618,{"date":330,"score":292,"percentile":331},"2026-01-04",0.11548,{"date":333,"score":292,"percentile":334},"2026-01-05",0.1151,{"date":336,"score":292,"percentile":337},"2026-01-06",0.11519,{"date":339,"score":292,"percentile":340},"2026-01-07",0.11555,{"date":342,"score":292,"percentile":343},"2026-01-08",0.11603,{"date":345,"score":292,"percentile":346},"2026-01-09",0.11631,{"date":348,"score":292,"percentile":349},"2026-01-10",0.1164,{"date":351,"score":292,"percentile":352},"2026-01-11",0.11612,{"date":354,"score":292,"percentile":317},"2026-01-12",{"date":356,"score":292,"percentile":357},"2026-01-13",0.11561,{"date":359,"score":292,"percentile":360},"2026-01-14",0.11614,{"date":362,"score":292,"percentile":363},"2026-01-15",0.11617,{"date":365,"score":292,"percentile":366},"2026-01-16",0.11658,{"date":368,"score":292,"percentile":369},"2026-01-17",0.11665,{"date":371,"score":292,"percentile":352},"2026-01-18",{"date":373,"score":292,"percentile":374},"2026-01-19",0.11547,{"date":376,"score":292,"percentile":377},"2026-01-20",0.11528,{"date":379,"score":292,"percentile":380},"2026-01-21",0.11509,{"date":382,"score":292,"percentile":383},"2026-01-22",0.11495,{"date":385,"score":292,"percentile":386},"2026-01-23",0.11583,{"date":388,"score":292,"percentile":389},"2026-01-24",0.11635,{"date":391,"score":292,"percentile":392},"2026-01-25",0.11588,{"date":394,"score":292,"percentile":395},"2026-01-26",0.11527,{"date":397,"score":292,"percentile":398},"2026-01-27",0.11513,{"date":400,"score":292,"percentile":401},"2026-01-28",0.11505,{"date":403,"score":292,"percentile":404},"2026-01-29",0.11483,{"date":406,"score":292,"percentile":407},"2026-01-30",0.11512,{"date":409,"score":292,"percentile":377},"2026-01-31",{"date":411,"score":292,"percentile":412},"2026-02-01",0.11534,[],[415],{"ecosystem":9,"name":416,"vendor":417,"product":417,"cpe_part":418,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":419},"Linux","linux","a",[420,427,430,433,436,439],{"version":421,"is_range":422,"range_type":120,"version_start":423,"version_start_type":424,"version_end":425,"version_end_type":426,"fixed_in":9},">= aef2aa4fa98e18ea5d9345bf777ee698c8598728, \u003C 6243bda271a628c48875e3e473206e7f584892ce",true,"aef2aa4fa98e18ea5d9345bf777ee698c8598728","including","6243bda271a628c48875e3e473206e7f584892ce","excluding",{"version":428,"is_range":422,"range_type":120,"version_start":423,"version_start_type":424,"version_end":429,"version_end_type":426,"fixed_in":9},">= aef2aa4fa98e18ea5d9345bf777ee698c8598728, \u003C bcce99f613163a43de24674b717e7a6c135fc879","bcce99f613163a43de24674b717e7a6c135fc879",{"version":431,"is_range":422,"range_type":120,"version_start":423,"version_start_type":424,"version_end":432,"version_end_type":426,"fixed_in":9},">= aef2aa4fa98e18ea5d9345bf777ee698c8598728, \u003C 484c7d571a3d1b3fd298fa691b660438c4548a53","484c7d571a3d1b3fd298fa691b660438c4548a53",{"version":434,"is_range":422,"range_type":120,"version_start":423,"version_start_type":424,"version_end":435,"version_end_type":426,"fixed_in":9},">= aef2aa4fa98e18ea5d9345bf777ee698c8598728, \u003C a78fd4fc5694ecb3b97deb2ad9eaebd67b4d2b08","a78fd4fc5694ecb3b97deb2ad9eaebd67b4d2b08",{"version":437,"is_range":422,"range_type":120,"version_start":423,"version_start_type":424,"version_end":438,"version_end_type":426,"fixed_in":9},">= aef2aa4fa98e18ea5d9345bf777ee698c8598728, \u003C 9e622804d57e2d08f0271200606bd1270f75126f","9e622804d57e2d08f0271200606bd1270f75126f",{"version":440,"is_range":113,"range_type":120,"version_start":440,"version_start_type":424,"version_end":440,"version_end_type":424,"fixed_in":9},"5.18"]