PT-2025-8039 · Linux+5 · Linux Kernel+5
Sönke Huster · Published 2022-03-18 · Updated 2025-09-29 · CVE-2022-49111
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.17.0-rc5
Description
A use-after-free issue has been identified in the Linux kernel's Bluetooth functionality, specifically in the hci_send_acl function. This issue arises when the HCI_EV_DISCONN_PHY_LINK_COMPLETE event is received, which calls hci_conn_del without checking if conn->type is AMP_LINK, leading to improper cleanup of upper layers. The estimated number of potentially affected devices worldwide is not specified. There is no information available about real-world incidents where this issue was exploited.
Recommendations
For Linux kernel versions prior to 5.17.0-rc5, update to a version that includes the fix for the use-after-free issue in the hci_send_acl function. As a temporary workaround, consider disabling the Bluetooth functionality until a patch is available. Restrict access to the vulnerable hci_send_acl function to minimize the risk of exploitation. Avoid using the hci_send_acl function in the affected API endpoint until the issue is resolved.
Exploit
Fix
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
AlmaLinux
Astra Linux
CentOS
Linux Kernel
Red Hat
SUSE