CVE-2022-3640

CVSS v3.1 8.8 (High)

EPSS 0.22 % (61^th)

Affected Products 3

Advisories 44

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.

Weaknesses

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: VulDB
Published Date: 2022-10-21 15:15:09
(23 months ago)
Updated Date: 2023-11-07 03:51:34
(10 months ago)

Affected Products

Configuration #1

	CPE23	From	Up To
Linux Kernel from 4.9.326 version and prior 4.9.333 version	cpe:2.3:o:linux:linux_kernel	>= 4.9.326	< 4.9.333
Linux Kernel from 4.14.291 version and prior 4.14.299 version	cpe:2.3:o:linux:linux_kernel	>= 4.14.291	< 4.14.299
Linux Kernel from 4.19.255 version and prior 4.19.265 version	cpe:2.3:o:linux:linux_kernel	>= 4.19.255	< 4.19.265
Linux Kernel from 5.4.209 version and prior 5.4.224 version	cpe:2.3:o:linux:linux_kernel	>= 5.4.209	< 5.4.224
Linux Kernel from 5.10.135 version and prior 5.10.154 version	cpe:2.3:o:linux:linux_kernel	>= 5.10.135	< 5.10.154
Linux Kernel from 5.15.59 version and prior 5.15.79 version	cpe:2.3:o:linux:linux_kernel	>= 5.15.59	< 5.15.79
Linux Kernel from 5.18.16 version and prior 6.0.8 version	cpe:2.3:o:linux:linux_kernel	>= 5.18.16	< 6.0.8

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 35	cpe:2.3:o:fedoraproject:fedora:35
	Fedoraproject Fedora 36	cpe:2.3:o:fedoraproject:fedora:36
	Fedoraproject Fedora 37	cpe:2.3:o:fedoraproject:fedora:37

Configuration #3

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0

Weaknesses

Affected Products

Debian

Fedoraproject

Linux

Configuration #1

Configuration #2

Configuration #3