CVE-2026-46056
Linux · Kernel
A use-after-free vulnerability exists in the Linux kernel's Bluetooth subsystem during SSP passkey handling.
Executive summary
A high-severity use-after-free vulnerability in the Linux kernel Bluetooth component could lead to system crashes or arbitrary code execution.
Vulnerability
The vulnerability occurs because hci_conn lookup and field access are not protected by the hdev lock in hci_user_passkey_notify_evt() and hci_keypress_notify_evt(), allowing the connection to be freed concurrently.
Business impact
This flaw can result in a kernel crash or potentially be leveraged for further exploitation, such as code execution. The 8.8 CVSS score reflects the high risk posed to systems utilizing Bluetooth functionality.
Remediation
Immediate Action: Update the Linux kernel to a version that includes the fix ensuring hci_conn lookup and field access are covered by the hdev lock.
Proactive Monitoring: Monitor system logs for Bluetooth-related kernel oops or instability.
Compensating Controls: Disable Bluetooth services on servers or systems where it is not strictly required to reduce the attack surface.
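The monitoring and compensating-control steps above can be scripted. The following is an added example, not code from the advisory or the kernel project: it filters kernel log text for crash reports that reference the two handlers named in the Vulnerability section and checks whether the bluetooth module is loaded. The helper names, the crash-header patterns and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the advisory. Log lines below are constructed.
# The two handler names are the ones the advisory lists.
BT_SYMS='hci_user_passkey_notify_evt|hci_keypress_notify_evt'
# Headers that open common kernel crash reports (KASAN, oops, GPF, NULL deref).
CRASH_HDR='BUG: KASAN|Oops:|general protection fault|BUG: kernel NULL pointer'

# stdin: kernel log text. Prints the header of every crash report that
# references one of the handlers, plus the referencing lines themselves.
bt_crash_hits() {
    awk -v syms="$BT_SYMS" -v hdr="$CRASH_HDR" '
        $0 ~ hdr {
            header = $0; shown = 0
            if ($0 ~ syms) { print; shown = 1 }
            next
        }
        /end trace/ { header = ""; next }
        header != "" && $0 ~ syms {
            if (!shown) { print header; shown = 1 }
            print
        }'
}

# stdin: /proc/modules content. Exit 0 if the bluetooth module is loaded.
# A kernel with Bluetooth built in will not appear in /proc/modules.
bt_module_loaded() {
    awk '$1 == "bluetooth" { found = 1 } END { exit !found }'
}

# Constructed sample: two reports touching the handlers, one unrelated.
sample_log() {
    cat <<'EOF'
[  100.100000] usb 1-1: new full-speed USB device number 4 using xhci_hcd
[  812.400000] BUG: KASAN: slab-use-after-free in hci_user_passkey_notify_evt+0x00/0x00 [bluetooth]
[  812.400100] Call Trace:
[  812.400200]  hci_event_packet+0x00/0x00 [bluetooth]
[  812.400300] ---[ end trace 0000000000000000 ]---
[  900.200000] Oops: general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1]
[  900.200100]  hci_keypress_notify_evt+0x00/0x00 [bluetooth]
[  900.200200] ---[ end trace 0000000000000000 ]---
[  950.000000] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  950.000100]  ext4_file_write_iter+0x00/0x00
[  950.000200] ---[ end trace 0000000000000000 ]---
EOF
}

# Live use: journalctl -k | bt_crash_hits ; bt_module_loaded < /proc/modules
if [ "${1:-}" = "--demo" ]; then sample_log | bt_crash_hits; fi
```

A hit only shows that a crash report passed through one of the two handlers; confirm the running kernel version against the vendor's fixed release before drawing conclusions.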
Exploitation status
Public Exploit Available: false
Analyst recommendation
Administrators should treat this vulnerability with high urgency, particularly on systems where Bluetooth is active. Updating the kernel to the patched version is the only effective way to mitigate this use-after-free risk.