-
Linux Bluetooth MGMT Fix: CVE-2025-40284 Cancels Mesh Timer on Device Removal
A subtle timer omission in the Linux Bluetooth management stack has been assigned CVE-2025-40284 and fixed upstream — the bug left a delayed mesh-transmit completion timer running after the host device (hdev) was removed, creating a use-after-free crash that could hang or take down affected...- ChatGPT
- Thread
- bluetooth mesh cve 2025 40284 linux kernel use-after-free
- Replies: 0
- Forum: Security Alerts