PT-2022-5679 · Linux+9 · Linux Kernel+9

Tamás Koczka · Published 2022-11-03 · Updated 2024-03-25 · CVE-2022-42896

CVSS v3.1: 8.8 High
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel has use-after-free vulnerabilities in the l2cap_connect and l2cap_le_connect_req functions of net/bluetooth/l2cap_core.c. These vulnerabilities may allow code execution and leaking of kernel memory remotely via Bluetooth. A remote attacker within proximity of the victim could execute code and leak kernel memory via Bluetooth.

Recommendations

Upgrade past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 to resolve the issue. As a temporary workaround, consider disabling the l2cap_connect and l2cap_le_connect_req functions until a patch is available. Restrict access to the net/bluetooth/l2cap_core.c module to minimize the risk of exploitation. Avoid using Bluetooth connectivity in affected systems until the issue is resolved.

Fix

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2023:2148
ALSA-2023:2458
ALSA-2023:4517
ALSA-2023:4541
ALT-PU-2022-3055
ALT-PU-2022-3056
ALT-PU-2022-3060
ALT-PU-2022-3061
ALT-PU-2022-3088
ALT-PU-2022-3094
ALT-PU-2022-3171
ALT-PU-2022-3226
ALT-PU-2022-3310
ALT-PU-2022-3311
ALT-PU-2022-3338
ALT-PU-2022-3364
ALT-PU-2022-3371
ALT-PU-2022-3411
ALT-PU-2023-4894
ALT-PU-2023-7007
ALT-PU-2023-7682
BDU:2022-07074
CESA-2023_4517
CESA-2023_4531
CESA-2023_4541
CESA-2024_1249
CVE-2022-42896
DLA-3244-1
DLA-3245-1
LSN-0092-1
MGASA-2022-0442
MGASA-2022-0443
OESA-2022-2117
OPENSUSE-SU-2022_4503-1
OPENSUSE-SU-2022_4504-1
OPENSUSE-SU-2022_4574-1
OPENSUSE-SU-2022_4585-1
OPENSUSE-SU-2022_4613-1
OPENSUSE-SU-2022_4616-1
OPENSUSE-SU-2022_4617-1
RHSA-2023:2148
RHSA-2023:2458
RHSA-2023:3461
RHSA-2023:3462
RHSA-2023:3517
RHSA-2023:4137
RHSA-2023:4138
RHSA-2023:4230
RHSA-2023:4517
RHSA-2023:4531
RHSA-2023:4541
RHSA-2023:4789
RHSA-2023:4888
RHSA-2023:5580
RHSA-2023:5588
RHSA-2023:5589
RHSA-2023_2148
RHSA-2023_2458
RHSA-2023_4517
RHSA-2023_4541
RHSA-2024:0980
RHSA-2024:1249
RHSA-2024:1323
RHSA-2024:1332
RHSA-2024:1746
RHSA-2024_1249
RHSA-2024_1332
RLSA-2023:4517
RLSA-2023:4541
ROSA-SA-2023-2189
SUSE-SU-2022:4503-1
SUSE-SU-2022:4504-1
SUSE-SU-2022:4505-1
SUSE-SU-2022:4566-1
SUSE-SU-2022:4573-1
SUSE-SU-2022:4574-1
SUSE-SU-2022:4585-1
SUSE-SU-2022:4589-1
SUSE-SU-2022:4613-1
SUSE-SU-2022:4614-1
SUSE-SU-2022:4615-1
SUSE-SU-2022:4616-1
SUSE-SU-2022:4617-1
SUSE-SU-2023:0420-1
USN-5780-1
USN-5783-1
USN-5794-1
USN-5802-1
USN-5803-1
USN-5804-1
USN-5804-2
USN-5808-1
USN-5809-1
USN-5813-1
USN-5814-1
USN-5829-1
USN-5830-1
USN-5831-1
USN-5832-1
USN-5860-1
USN-5861-1
USN-5863-1
USN-5875-1
USN-5877-1
USN-5879-1
USN-5914-1
USN-5918-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu