CVE-2022-49136

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A issue in the Linux kernel's Bluetooth handling has been identified, specifically in the hci sync function. The problem occurs when the HCI UNREGISTER flag is set, which indicates that hci unregister dev has been called. In this scenario, the hci cmd sync queue function should return an error to prevent a potential use-after-free (uaf) error after a timeout, as the hdev will have been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:10669

ALSA-2025:10670

ALSA-2025_10669

ALSA-2025_10670

ALSA-2025_16880

BDU:2025-10589

CESA-2025_10669

CESA-2025_10670

CVE-2022-49136

INFSA-2025_10669

INFSA-2025_10670

RHSA-2023:2458

RHSA-2023_2458

RHSA-2025:10669

RHSA-2025:10670

RHSA-2025_10669

RHSA-2025_10670

SUSE-SU-2025:1176-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1241-1

Affected Products

Almalinux

Centos

Debian

Linux Kernel

Red Hat

Suse

CVE-2022-49136

Weakness Enumeration

Related Identifiers

Affected Products

References · 1316