CVE-2022-50447

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc7-02243-gb84a13ff4eda

Description A crash can occur in the Bluetooth stack when attempting to connect multiple ISO sockets without using DEFER SETUP. This issue is related to a null-ptr-deref in the hci create cis sync function. The crash occurs within the hci cmd sync work workqueue. The issue was observed on QEMU Standard PC hardware with BIOS version 1.16.0-1.fc36.

Recommendations Update to a version newer than 6.0.0-rc7-02243-gb84a13ff4eda.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2026-06087

CVE-2022-50447

RHSA-2024:2394

RHSA-2024_2394

RHSA-2026:0534

RHSA-2026:0535

SUSE-SU-2025:03615-1

SUSE-SU-2025:3761-1

Affected Products

Linux Kernel

Qemu

Red Hat

Suse

CVE-2022-50447

Weakness Enumeration

Related Identifiers

Affected Products

References · 833