VYPR
Unrated severity · NVD Advisory · Published Dec 6, 2025 · Updated Apr 15, 2026

CVE-2025-40284

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: MGMT: cancel mesh send timer when hdev removed

The mesh_send_done timer is not canceled when hdev is removed, which causes a crash if the timer triggers after hdev is gone.

Cancel the timer when MGMT removes the hdev, like other MGMT timers.

Should fix the BUG: sporadically seen by the BlueZ test bot (in the "Mesh - Send cancel - 1" test).

Log:
------
BUG: KASAN: slab-use-after-free in run_timer_softirq+0x76b/0x7d0
...
Freed by task 36:
 kasan_save_stack+0x24/0x50
 kasan_save_track+0x14/0x30
 __kasan_save_free_info+0x3a/0x60
 __kasan_slab_free+0x43/0x70
 kfree+0x103/0x500
 device_release+0x9a/0x210
 kobject_put+0x100/0x1e0
 vhci_release+0x18b/0x240
------
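A KASAN report of this shape can be triaged mechanically when reviewing test-bot or fleet kernel logs. The Python parser below is an added example, not part of the advisory or the kernel patch: it extracts the bug kind, the access site and the freeing call path, and flags reports where the freed object was touched from a deferred callback. The function name `triage`, the noise-frame list and the set of deferred-callback access sites are assumptions of this example.

```python
import re

# KASAN excerpt quoted in the advisory above ("..." is the advisory's own elision).
SAMPLE_LOG = """\
BUG: KASAN: slab-use-after-free in run_timer_softirq+0x76b/0x7d0
...
Freed by task 36:
 kasan_save_stack+0x24/0x50
 kasan_save_track+0x14/0x30
 __kasan_save_free_info+0x3a/0x60
 __kasan_slab_free+0x43/0x70
 kfree+0x103/0x500
 device_release+0x9a/0x210
 kobject_put+0x100/0x1e0
 vhci_release+0x18b/0x240
"""

BUG_RE = re.compile(r"BUG: KASAN: (\S+) in ([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
FREED_RE = re.compile(r"Freed by task (\d+):")
FRAME_RE = re.compile(r"^\s*(?:\[[^\]]*\]\s*)?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+\s*$")
# Frames that are KASAN bookkeeping or the allocator, not the code that owned the object.
NOISE = {"kasan_save_stack", "kasan_save_track", "__kasan_save_free_info",
         "__kasan_slab_free", "kfree"}
# Assumption: access sites meaning "a timer or work item outlived the object it uses".
DEFERRED = {"run_timer_softirq", "call_timer_fn", "process_one_work"}

def triage(log):
    """Summarise one KASAN report; dmesg timestamps in front of frames are tolerated."""
    report = {"kind": None, "access": None, "freed_by_task": None, "free_path": []}
    in_free = False
    for line in log.splitlines():
        if m := BUG_RE.search(line):
            report["kind"], report["access"] = m.groups()
            in_free = False
        elif m := FREED_RE.search(line):
            report["freed_by_task"] = int(m.group(1))
            in_free = True
        elif in_free and (m := FRAME_RE.match(line)):
            if m.group(1) not in NOISE:
                report["free_path"].append(m.group(1))
        elif in_free and line.strip():
            in_free = False  # first non-frame line ends the "Freed by" stack
    report["deferred_callback_uaf"] = (
        report["kind"] == "slab-use-after-free" and report["access"] in DEFERRED
    )
    return report
```

For the advisory's log, the free path reduces to `device_release`, `kobject_put`, `vhci_release`, which points at device teardown as the place where a pending timer should have been cancelled.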

Affected products

171

References

5
