CVE-2025-40283 is a Linux kernel vulnerability in the Bluetooth USB driver (btusb) that causes a use-after-free (UAF) condition during device disconnection. The bug occurs when btusb_disconnect releases the USB interface before properly cleaning up associated data, allowing a race condition that KASAN detects as a slab UAF. The fix is an urgent kernel stability patch for systems loading the btusb module. While this is a Linux-specific issue, WindowsForum.com covers it because enterprise IT environments often run mixed OS stacks, and understanding cross-platform vulnerabilities helps administrators maintain secure, stable infrastructure.
The Linux kernel recently closed a small but consequential race condition in the Bluetooth USB driver that caused a KASAN-detected slab use-after-free (UAF) in btusb_disconnect, and operators should treat the fix as an urgent kernel‑level stability patch for systems that load the btusb module...
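One way to triage a host for the exposure described above, given as an added example that is not part of the original article or the kernel patch: it checks whether btusb is loaded and counts KASAN use-after-free reports that name btusb_disconnect. The function names, verdict strings and sample inputs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added triage sketch (not from the kernel tree or the original page).
# Inputs are files, so it works on a live host or on saved copies:
#   triage /proc/modules saved-kernel-log.txt

# Succeeds if the /proc/modules-format file lists the btusb module.
# Matching on field 1 avoids false hits from other modules' dependency lists.
btusb_loaded() {
    awk '$1 == "btusb" { found = 1 } END { exit !found }' "$1"
}

# Prints the number of KASAN use-after-free reports naming btusb_disconnect.
# Only KASAN-enabled (debug) kernels emit these, so zero hits does not
# prove the running kernel carries the fix.
kasan_btusb_hits() {
    grep -Ec 'BUG: KASAN: (slab-)?use-after-free in btusb_disconnect' "$1" || true
}

# Prints one verdict line for a (modules file, kernel log) pair.
triage() {
    if ! btusb_loaded "$1"; then
        echo "btusb-not-loaded"
        return 0
    fi
    echo "btusb-loaded kasan_hits=$(kasan_btusb_hits "$2")"
}

# Constructed sample inputs (sizes, timestamps and offsets are made up).
tmp=$(mktemp -d)
cat > "$tmp/modules" <<'EOF'
bluetooth 1028096 5 btrtl,btintel,btbcm,btusb, Live 0x0000000000000000
btusb 77824 0 - Live 0x0000000000000000
EOF
cat > "$tmp/modules_nobt" <<'EOF'
bluetooth 1028096 1 btusb, Live 0x0000000000000000
EOF
cat > "$tmp/kern.log" <<'EOF'
[  812.104211] usb 1-3: USB disconnect, device number 4
[  812.104955] BUG: KASAN: slab-use-after-free in btusb_disconnect+0x1a4/0x2c0 [btusb]
[  812.105102] Bluetooth: hci0: unrelated line mentioning btusb_disconnect
EOF

triage "$tmp/modules" "$tmp/kern.log"        # btusb-loaded kasan_hits=1
triage "$tmp/modules_nobt" "$tmp/kern.log"   # btusb-not-loaded
```

A host reporting btusb-loaded is in scope for the kernel update regardless of the hit count, since production kernels are normally built without KASAN.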