A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.35/6.15.4/6.16-rc3. This issue affects the function vhci_flush in the library include/linux/skbuff.h of the component Bluetooth. The manipulation leads to use after free.

The identification of this vulnerability is CVE-2025-38250. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.