VIR Vulnerability Intelligence Relay

CVE-2025-39981

medium
Published 2025-12-01 Β· Modified 2025-12-08
πŸ’¬ Discuss on Community ✚ Propose mitigation
CVSS v3
β€”
CVSS v4 NEW
β€”
not yet in upstream
VIR risk
5.5

Description

Moderate: kernel security update

Predictions

Exploit likelihood
20%
Patch ETA
β€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata β€” Red Hat Inc. Β· View original β†— Β· Open-Errata-API

Description kernel: Bluetooth: MGMT: Fix possible UAFs Red Hat statement Ensure Bluetooth management interfaces are hardened or, if unused, disabled. CVSS v3: 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 10kernel-0:6.12.0-124.20.1.el10_1RHSA-2025:228542025-12-09T00:00:00Z Red Hat Enterprise Linux 10.0 Extended…

Description

kernel: Bluetooth: MGMT: Fix possible UAFs

Red Hat statement

Ensure Bluetooth management interfaces are hardened or, if unused, disabled.

CVSS v3: 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H)

Errata / fixed releases

ProductPackageAdvisoryReleased
Red Hat Enterprise Linux 10kernel-0:6.12.0-124.20.1.el10_1RHSA-2025:228542025-12-09T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Supportkernel-0:6.12.0-55.52.1.el10_0RHSA-2026:02712026-01-08T00:00:00Z
Red Hat Enterprise Linux 9kernel-0:5.14.0-611.11.1.el9_7RHSA-2025:224052025-12-01T00:00:00Z
Red Hat Enterprise Linux 9kernel-0:5.14.0-611.11.1.el9_7RHSA-2025:224052025-12-01T00:00:00Z
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutionskernel-0:5.14.0-284.166.1.el9_2RHSA-2026:96442026-04-22T00:00:00Z
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutionskernel-rt-0:5.14.0-284.166.1.rt14.451.el9_2RHSA-2026:95122026-04-22T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Supportkernel-0:5.14.0-427.121.1.el9_4RHSA-2026:101082026-04-23T00:00:00Z
Red Hat Enterprise Linux 9.6 Extended Update Supportkernel-0:5.14.0-570.77.1.el9_6RHSA-2026:04572026-01-12T00:00:00Z

Package state

ProductPackageState
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise Linux 9kernel-rtAffected

Apply commands

bash fix
Apply RHSA-2025:22854 for Red Hat Enterprise Linux 10
yum update -y kernel
# or:
dnf upgrade -y kernel

Affected

VendorProductVersion
redhatRed Hat Enterprise Linux 6Not affected
redhatRed Hat Enterprise Linux 7Not affected
redhatRed Hat Enterprise Linux 7Not affected
redhatRed Hat Enterprise Linux 8Affected
redhatRed Hat Enterprise Linux 8Affected
redhatRed Hat Enterprise Linux 9Affected

OS impact
suse SUSE Affected 1 release
VersionStatusFixed in
β€” Affected β€”
debian Debian Mixed 5 releases
VersionStatusFixed in
trixie Fixed 6.12.63-1
sid Fixed 6.16.10-1
forky Fixed 6.16.10-1
bullseye Fixed 0
bookworm Affected β€”
almalinux AlmaLinux Fixed 2 releases
VersionStatusFixed in
9 Fixed kernel-64k-debug-devel-5.14.0-611.11.1.el9_7.aarch64.rpm
8 Fixed kernel-doc-4.18.0-553.126.1.el8_10.noarch.rpm
redhat Red Hat Fixed 2 releases
VersionStatusFixed in
9 Fixed β€”
8 Fixed β€”
rockylinux Rocky Linux Fixed 1 release
VersionStatusFixed in
9 Fixed β€”

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.