-

CVE-2022-50386

EPSS 0.04%
Veröffentlicht 18.09.2025 13:33:07
Zuletzt bearbeitet 19.09.2025 16:00:46
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: Fix user-after-free

This uses l2cap_chan_hold_unless_zero() after calling
__l2cap_get_chan_blah() to prevent the following trace:

Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref
*kref)
Bluetooth: chan 0000000023c4974d
Bluetooth: parent 00000000ae861c08
==================================================================
BUG: KASAN: use-after-free in __mutex_waiter_is_first
kernel/locking/mutex.c:191 [inline]
BUG: KASAN: use-after-free in __mutex_lock_common
kernel/locking/mutex.c:671 [inline]
BUG: KASAN: use-after-free in __mutex_lock+0x278/0x400
kernel/locking/mutex.c:729
Read of size 8 at addr ffff888006a49b08 by task kworker/u3:2/389

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 11e40d6c0823f699d8ad501e48d1c3ae4be386cd

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 843fc4e386dd84b806a7f07fb062d8c3a44e5364

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d91fc2836562f299f34e361e089e9fe154da4f73

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 7d6f9cb24d2b2f6b6370eac074e2e6b1bafdad45

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 0c108cf3ad386e0084277093b55a351c49e0be27

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d1e894f950ad48897d1a7cb05909ea29d8c3810e

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 6ffde6e03085874ae22263ff4cef4869f797e84f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 15fc21695eb606bdc5d483b92118ee42610a952d

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 4.9.*

Version 4.9.331

Status unaffected

Version <= 4.14.*

Version 4.14.296

Status unaffected

Version <= 4.19.*

Version 4.19.262

Status unaffected

Version <= 5.4.*

Version 5.4.220

Status unaffected

Version <= 5.10.*

Version 5.10.150

Status unaffected

Version <= 5.15.*

Version 5.15.75

Status unaffected

Version <= 5.19.*

Version 5.19.17

Status unaffected

Version <= 6.0.*

Version 6.0.3

Status unaffected

Version <= *

Version 6.1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.127

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/11e40d6c0823f699d8ad501e48d1c3ae4be386cd

https://git.kernel.org/stable/c/843fc4e386dd84b806a7f07fb062d8c3a44e5364

https://git.kernel.org/stable/c/d91fc2836562f299f34e361e089e9fe154da4f73

https://git.kernel.org/stable/c/7d6f9cb24d2b2f6b6370eac074e2e6b1bafdad45

https://git.kernel.org/stable/c/0c108cf3ad386e0084277093b55a351c49e0be27

https://git.kernel.org/stable/c/d1e894f950ad48897d1a7cb05909ea29d8c3810e

https://git.kernel.org/stable/c/6ffde6e03085874ae22263ff4cef4869f797e84f

https://git.kernel.org/stable/c/15fc21695eb606bdc5d483b92118ee42610a952d

https://git.kernel.org/stable/c/35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f

https://nvd.nist.gov/vuln/detail/CVE-2022-50386

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50386

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50386

EUVD