CVE-2022-3640
Linux Kernel Bluetooth l2cap_core.c l2cap_conn_del use after free
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.
Se ha encontrado una vulnerabilidad, clasificada como crítica, en el Kernel de Linux. Está afectada la función l2cap_conn_del del archivo net/bluetooth/l2cap_core.c del componente Bluetooth. La manipulación conlleva a un uso de memoria previamente liberada. Es recomendado aplicar un parche para corregir este problema. El identificador de esta vulnerabilidad es VDB-211944
A vulnerability was found in the Linux Kernel in the l2cap_conn_del in net/bluetooth/l2cap_core.c function in the Bluetooth component. This issue leads to a use-after-free problem.
It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Kernel Connection Multiplexor socket implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could use this to cause a denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-21 CVE Reserved
- 2022-10-21 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-416: Use After Free
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html | Mailing List |
|
| https://vuldb.com/?id.211944 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979 | 2024-08-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.9.326 < 4.9.333 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9.326 < 4.9.333" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.14.291 < 4.14.299 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14.291 < 4.14.299" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19.255 < 4.19.265 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.255 < 4.19.265" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4.209 < 5.4.224 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.209 < 5.4.224" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10.135 < 5.10.154 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.135 < 5.10.154" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.15.59 < 5.15.79 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.59 < 5.15.79" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.18.16 < 6.0.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.18.16 < 6.0.8" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 36 Search vendor "Fedoraproject" for product "Fedora" and version "36" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||