1. Home
  2. Vulnerabilities
  3. CVE-2022-42895

CVE-2022-42895

CVSS v3.1 6.5 (Medium)
65% Progress
EPSS 0.06 % (28th)
0.06% Progress
Affected Products 1
Advisories 53
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely.
We recommend upgrading past commit  https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url

Weaknesses
CWE-824
Access of Uninitialized Pointer
CVE Status
PUBLISHED
CNA
Google Inc.
Published Date
2022-11-23 15:15:10
(22 months ago)
Updated Date
2023-11-07 03:53:40
(10 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel cpe:2.3:o:linux:linux_kernel:-