CVE-2022-50339

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt init hdev() function due to the lack of serialization via hci dev lock(). This race condition involves attempting to cancel an uninitialized work item at mgmt index removed(). The issue arises from concurrent access to the HCI MGMT flag during initialization and removal processes. The local fix involves splitting hci dev test and set flag() into hci dev test flag() and hci dev set flag() and setting the HCI MGMT flag after INIT DELAYED WORK() completes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.