CVE-2022-49909
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49909
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49909.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49909
- Downstream
- Related
- Published
- 2025-05-01T14:10:52Z
- Modified
- 2025-10-13T23:34:21.369294Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: fix use-after-free in l2capconndel()
When l2caprecvframe() is invoked to receive data, and the cid is L2CAPCIDA2MP, if the channel does not exist, it will create a channel. However, after a channel is created, the hold operation of the channel is not performed. In this case, the value of channel reference counting is 1. As a result, after hcierrorreset() is triggered, l2capconndel() invokes the close hook function of A2MP to release the channel. Then l2capchanunlock(chan) will trigger UAF issue.
The process is as follows: Receive data: l2capdatachannel() a2mpchannelcreate() --->channel ref is 2 l2capchanput() --->channel ref is 1
Triger event: hcierrorreset() hcidevdoclose() ... l2capdisconncfm() l2capconndel() l2capchanhold() --->channel ref is 2 l2capchandel() --->channel ref is 1 a2mpchanclosecb() --->channel ref is 0, release channel l2capchanunlock() --->UAF of channel
The detailed Call Trace is as follows: BUG: KASAN: use-after-free in _mutexunlockslowpath+0xa6/0x5e0 Read of size 8 at addr ffff8880160664b8 by task kworker/u11:1/7593 Workqueue: hci0 hcierrorreset Call Trace: <TASK> dumpstacklvl+0xcd/0x134 printreport.cold+0x2ba/0x719 kasanreport+0xb1/0x1e0 kasancheckrange+0x140/0x190 _mutexunlockslowpath+0xa6/0x5e0 l2capconndel+0x404/0x7b0 l2capdisconncfm+0x8c/0xc0 hciconnhashflush+0x11f/0x260 hcidevclosesync+0x5f5/0x11f0 hcidevdoclose+0x2d/0x70 hcierrorreset+0x9e/0x140 processonework+0x98a/0x1620 workerthread+0x665/0x1080 kthread+0x2e4/0x3a0 retfromfork+0x1f/0x30 </TASK>
Allocated by task 7593: kasansavestack+0x1e/0x40 _kasankmalloc+0xa9/0xd0 l2capchancreate+0x40/0x930 ampmgrcreate+0x96/0x990 a2mpchannelcreate+0x7d/0x150 l2caprecvframe+0x51b8/0x9a70 l2caprecvacldata+0xaa3/0xc00 hcirxwork+0x702/0x1220 processonework+0x98a/0x1620 workerthread+0x665/0x1080 kthread+0x2e4/0x3a0 retfrom_fork+0x1f/0x30
Freed by task 7593: kasansavestack+0x1e/0x40 kasansettrack+0x21/0x30 kasansetfreeinfo+0x20/0x30 __kasanslabfree+0x167/0x1c0 slabfreefreelisthook+0x89/0x1c0 kfree+0xe2/0x580 l2capchanput+0x22a/0x2d0 l2capconndel+0x3fc/0x7b0 l2capdisconncfm+0x8c/0xc0 hciconnhashflush+0x11f/0x260 hcidevclosesync+0x5f5/0x11f0 hcidevdoclose+0x2d/0x70 hcierrorreset+0x9e/0x140 processonework+0x98a/0x1620 workerthread+0x665/0x1080 kthread+0x2e4/0x3a0 retfromfork+0x1f/0x30
Last potentially related work creation: kasansavestack+0x1e/0x40 _kasanrecordauxstack+0xbe/0xd0 callrcu+0x99/0x740 netlinkrelease+0xe6a/0x1cf0 _sockrelease+0xcd/0x280 sockclose+0x18/0x20 _fput+0x27c/0xa90 taskworkrun+0xdd/0x1a0 exittousermodeprepare+0x23c/0x250 syscallexittousermode+0x19/0x50 dosyscall64+0x42/0x80 entrySYSCALL64afterhwframe+0x63/0xcd
Second to last potentially related work creation: kasansavestack+0x1e/0x40 _kasanrecordauxstack+0xbe/0xd0 callrcu+0x99/0x740 netlinkrelease+0xe6a/0x1cf0 _sockrelease+0xcd/0x280 sockclose+0x18/0x20 _fput+0x27c/0xa90 taskworkrun+0xdd/0x1a0 exittousermodeprepare+0x23c/0x250 syscallexittousermode+0x19/0x50 dosyscall64+0x42/0x80 entrySYSCALL64afterhwframe+0x63/0xcd
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0d0e2d032811280b927650ff3c15fe5020e82533
- https://git.kernel.org/stable/c/17c6164854f8bb80bf76f32b2c2f199c16b53703
- https://git.kernel.org/stable/c/7f7bfdd9a9af3b12c33d9da9a012e7f4d5c91f4b
- https://git.kernel.org/stable/c/8f7e4cf0694149a5d999d676ebd9ecf1b4cb2cc9
- https://git.kernel.org/stable/c/a3a7b2ac64de232edb67279e804932cb42f0b52a
- https://git.kernel.org/stable/c/c1f594dddd9ffd747c39f49cc5b67a9b7677d2ab
- https://git.kernel.org/stable/c/d9ec6e2fbd4a565b2345d4852f586b7ae3ab41fd
- https://git.kernel.org/stable/c/db4a0783ed78beb2ebaa32f5f785bfd79c580689
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedd255c861e268ba342e855244639a15f12d7a0bf2Fixeddb4a0783ed78beb2ebaa32f5f785bfd79c580689
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5bb395334392891dffae5a0e8f37dbe1d70496c9Fixed17c6164854f8bb80bf76f32b2c2f199c16b53703
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedbbd1fdb0e1adf827997a93bf108f20ede038e56eFixed7f7bfdd9a9af3b12c33d9da9a012e7f4d5c91f4b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced098e07ef0059296e710a801cdbd74b59016e6624Fixedc1f594dddd9ffd747c39f49cc5b67a9b7677d2ab
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedde5d4654ac6c22b1be756fdf7db18471e7df01eaFixedd9ec6e2fbd4a565b2345d4852f586b7ae3ab41fd
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf32d5615a78a1256c4f557ccc6543866e75d03f4Fixeda3a7b2ac64de232edb67279e804932cb42f0b52a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedd0be8347c623e0ac4202a1d4e0373882821f56b0Fixed8f7e4cf0694149a5d999d676ebd9ecf1b4cb2cc9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedd0be8347c623e0ac4202a1d4e0373882821f56b0Fixed0d0e2d032811280b927650ff3c15fe5020e82533
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected59a55ec33a54a7179fa178f8aaf8b1cb8e63bd93
Affected versions
v2.*
v2.6.12
v2.6.12-rc2
v2.6.12-rc3
v2.6.12-rc4
v2.6.12-rc5
v2.6.12-rc6
v2.6.13
v2.6.13-rc1
v2.6.13-rc2
v2.6.13-rc3
v2.6.13-rc4
v2.6.13-rc5
v2.6.13-rc6
v2.6.13-rc7
v2.6.14
v2.6.14-rc1
v2.6.14-rc2
v2.6.14-rc3
v2.6.14-rc4
v2.6.14-rc5
v2.6.15
v2.6.15-rc1
v2.6.15-rc2
v2.6.15-rc3
v2.6.15-rc4
v2.6.15-rc5
v2.6.15-rc6
v2.6.15-rc7
v2.6.16
v2.6.16-rc1
v2.6.16-rc2
v2.6.16-rc3
v2.6.16-rc4
v2.6.16-rc5
v2.6.16-rc6
v2.6.17
v2.6.17-rc1
v2.6.17-rc2
v2.6.17-rc3
v2.6.17-rc4
v2.6.17-rc5
v2.6.17-rc6
v2.6.18
v2.6.18-rc1
v2.6.18-rc2
v2.6.18-rc3
v2.6.18-rc4
v2.6.18-rc5
v2.6.18-rc6
v2.6.18-rc7
v2.6.19
v2.6.19-rc1
v2.6.19-rc2
v2.6.19-rc3
v2.6.19-rc4
v2.6.19-rc5
v2.6.19-rc6
v2.6.20
v2.6.20-rc1
v2.6.20-rc2
v2.6.20-rc3
v2.6.20-rc4
v2.6.20-rc5
v2.6.20-rc6
v2.6.20-rc7
v2.6.21
v2.6.21-rc1
v2.6.21-rc2
v2.6.21-rc3
v2.6.21-rc4
v2.6.21-rc5
v2.6.21-rc6
v2.6.21-rc7
v2.6.22
v2.6.22-rc1
v2.6.22-rc2
v2.6.22-rc3
v2.6.22-rc4
v2.6.22-rc5
v2.6.22-rc6
v2.6.22-rc7
v2.6.23
v2.6.23-rc1
v2.6.23-rc2
v2.6.23-rc3
v2.6.23-rc4
v2.6.23-rc5
v2.6.23-rc6
v2.6.23-rc7
v2.6.23-rc8
v2.6.23-rc9
v2.6.24
v2.6.24-rc1
v2.6.24-rc2
v2.6.24-rc3
v2.6.24-rc4
v2.6.24-rc5
v2.6.24-rc6
v2.6.24-rc7
v2.6.24-rc8
v2.6.25
v2.6.25-rc1
v2.6.25-rc2
v2.6.25-rc3
v2.6.25-rc4
v2.6.25-rc5
v2.6.25-rc6
v2.6.25-rc7
v2.6.25-rc8
v2.6.25-rc9
v2.6.26
v2.6.26-rc1
v2.6.26-rc2
v2.6.26-rc3
v2.6.26-rc4
v2.6.26-rc5
v2.6.26-rc6
v2.6.26-rc7
v2.6.26-rc8
v2.6.26-rc9
v2.6.27
v2.6.27-rc1
v2.6.27-rc2
v2.6.27-rc3
v2.6.27-rc4
v2.6.27-rc5
v2.6.27-rc6
v2.6.27-rc7
v2.6.27-rc8
v2.6.27-rc9
v2.6.28
v2.6.28-rc1
v2.6.28-rc2
v2.6.28-rc3
v2.6.28-rc4
v2.6.28-rc5
v2.6.28-rc6
v2.6.28-rc7
v2.6.28-rc8
v2.6.28-rc9
v2.6.29
v2.6.29-rc1
v2.6.29-rc2
v2.6.29-rc3
v2.6.29-rc4
v2.6.29-rc5
v2.6.29-rc6
v2.6.29-rc7
v2.6.29-rc8
v2.6.30
v2.6.30-rc1
v2.6.30-rc2
v2.6.30-rc3
v2.6.30-rc4
v2.6.30-rc5
v2.6.30-rc6
v2.6.30-rc7
v2.6.30-rc8
v2.6.31
v2.6.31-rc1
v2.6.31-rc2
v2.6.31-rc3
v2.6.31-rc4
v2.6.31-rc5
v2.6.31-rc6
v2.6.31-rc7
v2.6.31-rc8
v2.6.31-rc9
v2.6.32
v2.6.32-rc1
v2.6.32-rc2
v2.6.32-rc3
v2.6.32-rc4
v2.6.32-rc5
v2.6.32-rc6
v2.6.32-rc7
v2.6.32-rc8
v2.6.33
v2.6.33-rc1
v2.6.33-rc2
v2.6.33-rc3
v2.6.33-rc4
v2.6.33-rc5
v2.6.33-rc6
v2.6.33-rc7
v2.6.33-rc8
v2.6.34
v2.6.34-rc1
v2.6.34-rc2
v2.6.34-rc3
v2.6.34-rc4
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v2.6.35
v2.6.35-rc1
v2.6.35-rc2
v2.6.35-rc3
v2.6.35-rc4
v2.6.35-rc5
v2.6.35-rc6
v2.6.36
v2.6.36-rc1
v2.6.36-rc2
v2.6.36-rc3
v2.6.36-rc4
v2.6.36-rc5
v2.6.36-rc6
v2.6.36-rc7
v2.6.36-rc8
v2.6.37
v2.6.37-rc1
v2.6.37-rc2
v2.6.37-rc3
v2.6.37-rc4
v2.6.37-rc5
v2.6.37-rc6
v2.6.37-rc7
v2.6.37-rc8
v2.6.38
v2.6.38-rc1
v2.6.38-rc2
v2.6.38-rc3
v2.6.38-rc4
v2.6.38-rc5
v2.6.38-rc6
v2.6.38-rc7
v2.6.38-rc8
v2.6.39
v2.6.39-rc1
v2.6.39-rc2
v2.6.39-rc3
v2.6.39-rc4
v2.6.39-rc5
v2.6.39-rc6
v2.6.39-rc7
v3.*
v3.0
v3.0-rc1
v3.0-rc2
v3.0-rc3
v3.0-rc4
v3.0-rc5
v3.0-rc6
v3.0-rc7
v3.1
v3.1-rc1
v3.1-rc10
v3.1-rc2
v3.1-rc3
v3.1-rc4
v3.1-rc5
v3.1-rc6
v3.1-rc7
v3.1-rc8
v3.1-rc9
v3.10
v3.10-rc1
v3.10-rc2
v3.10-rc3
v3.10-rc4
v3.10-rc5
v3.10-rc6
v3.10-rc7
v3.11
v3.11-rc1
v3.11-rc2
v3.11-rc3
v3.11-rc4
v3.11-rc5
v3.11-rc6
v3.11-rc7
v3.12
v3.12-rc1
v3.12-rc2
v3.12-rc3
v3.12-rc4
v3.12-rc5
v3.12-rc6
v3.12-rc7
v3.13
v3.13-rc1
v3.13-rc2
v3.13-rc3
v3.13-rc4
v3.13-rc5
v3.13-rc6
v3.13-rc7
v3.13-rc8
v3.14
v3.14-rc1
v3.14-rc2
v3.14-rc3
v3.14-rc4
v3.14-rc5
v3.14-rc6
v3.14-rc7
v3.14-rc8
v3.15
v3.15-rc1
v3.15-rc2
v3.15-rc3
v3.15-rc4
v3.15-rc5
v3.15-rc6
v3.15-rc7
v3.15-rc8
v3.16
v3.16-rc1
v3.16-rc2
v3.16-rc3
v3.16-rc4
v3.16-rc5
v3.16-rc6
v3.16-rc7
v3.17
v3.17-rc1
v3.17-rc2
v3.17-rc3
v3.17-rc4
v3.17-rc5
v3.17-rc6
v3.17-rc7
v3.18
v3.18-rc1
v3.18-rc2
v3.18-rc3
v3.18-rc4
v3.18-rc5
v3.18-rc6
v3.18-rc7
v3.19
v3.19-rc1
v3.19-rc2
v3.19-rc3
v3.19-rc4
v3.19-rc5
v3.19-rc6
v3.19-rc7
v3.2
v3.2-rc1
v3.2-rc2
v3.2-rc3
v3.2-rc4
v3.2-rc5
v3.2-rc6
v3.2-rc7
v3.3
v3.3-rc1
v3.3-rc2
v3.3-rc3
v3.3-rc4
v3.3-rc5
v3.3-rc6
v3.3-rc7
v3.4
v3.4-rc1
v3.4-rc2
v3.4-rc3
v3.4-rc4
v3.4-rc5
v3.4-rc6
v3.4-rc7
v3.5
v3.5-rc1
v3.5-rc2
v3.5-rc3
v3.5-rc4
v3.5-rc5
v3.5-rc6
v3.5-rc7
v3.6
v3.6-rc1
v3.6-rc2
v3.6-rc3
v3.6-rc4
v3.6-rc5
v3.6-rc6
v3.6-rc7
v3.7
v3.7-rc1
v3.7-rc2
v3.7-rc3
v3.7-rc4
v3.7-rc5
v3.7-rc6
v3.7-rc7
v3.7-rc8
v3.8
v3.8-rc1
v3.8-rc2
v3.8-rc3
v3.8-rc4
v3.8-rc5
v3.8-rc6
v3.8-rc7
v3.9
v3.9-rc1
v3.9-rc2
v3.9-rc3
v3.9-rc4
v3.9-rc5
v3.9-rc6
v3.9-rc7
v3.9-rc8
v4.*
v4.0
v4.0-rc1
v4.0-rc2
v4.0-rc3
v4.0-rc4
v4.0-rc5
v4.0-rc6
v4.0-rc7
v4.1
v4.1-rc1
v4.1-rc2
v4.1-rc3
v4.1-rc4
v4.1-rc5
v4.1-rc6
v4.1-rc7
v4.1-rc8
v4.10
v4.10-rc1
v4.10-rc2
v4.10-rc3
v4.10-rc4
v4.10-rc5
v4.10-rc6
v4.10-rc7
v4.10-rc8
v4.11
v4.11-rc1
v4.11-rc2
v4.11-rc3
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.14.291
v4.14.292
v4.14.293
v4.14.294
v4.14.295
v4.14.296
v4.14.297
v4.14.298
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.19.255
v4.19.256
v4.19.257
v4.19.258
v4.19.259
v4.19.260
v4.19.261
v4.19.262
v4.19.263
v4.19.264
v4.2
v4.2-rc1
v4.2-rc2
v4.2-rc3
v4.2-rc4
v4.2-rc5
v4.2-rc6
v4.2-rc7
v4.2-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v4.3
v4.3-rc1
v4.3-rc2
v4.3-rc3
v4.3-rc4
v4.3-rc5
v4.3-rc6
v4.3-rc7
v4.4
v4.4-rc1
v4.4-rc2
v4.4-rc3
v4.4-rc4
v4.4-rc5
v4.4-rc6
v4.4-rc7
v4.4-rc8
v4.5
v4.5-rc1
v4.5-rc2
v4.5-rc3
v4.5-rc4
v4.5-rc5
v4.5-rc6
v4.5-rc7
v4.6
v4.6-rc1
v4.6-rc2
v4.6-rc3
v4.6-rc4
v4.6-rc5
v4.6-rc6
v4.6-rc7
v4.7
v4.7-rc1
v4.7-rc2
v4.7-rc3
v4.7-rc4
v4.7-rc5
v4.7-rc6
v4.7-rc7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6
v4.9-rc7
v4.9-rc8
v4.9.326
v4.9.327
v4.9.328
v4.9.329
v4.9.330
v4.9.331
v4.9.332
v5.*
v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.135
v5.10.136
v5.10.137
v5.10.138
v5.10.139
v5.10.140
v5.10.141
v5.10.142
v5.10.143
v5.10.144
v5.10.145
v5.10.146
v5.10.147
v5.10.148
v5.10.149
v5.10.150
v5.10.151
v5.10.152
v5.10.153
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.59
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.10
v5.18.11
v5.18.12
v5.18.13
v5.18.14
v5.18.15
v5.18.2
v5.18.3
v5.18.4
v5.18.5
v5.18.6
v5.18.7
v5.18.8
v5.18.9
v5.19
v5.19-rc8
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.4.209
v5.4.210
v5.4.211
v5.4.212
v5.4.213
v5.4.214
v5.4.215
v5.4.216
v5.4.217
v5.4.218
v5.4.219
v5.4.220
v5.4.221
v5.4.222
v5.4.223
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.0.1
v6.0.2
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.1-rc1
v6.1-rc2
Database specific
{
"vanir_signatures": [
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d0e2d032811280b927650ff3c15fe5020e82533",
"deprecated": false,
"id": "CVE-2022-49909-09170ed5"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1114.0,
"function_hash": "4611563768857367266859116127971197868"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d9ec6e2fbd4a565b2345d4852f586b7ae3ab41fd",
"deprecated": false,
"id": "CVE-2022-49909-22f6a500"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1084.0,
"function_hash": "66264565776248773292065644453522227545"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7f7bfdd9a9af3b12c33d9da9a012e7f4d5c91f4b",
"deprecated": false,
"id": "CVE-2022-49909-233de9b6"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1084.0,
"function_hash": "66264565776248773292065644453522227545"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db4a0783ed78beb2ebaa32f5f785bfd79c580689",
"deprecated": false,
"id": "CVE-2022-49909-240bc0e5"
},
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@17c6164854f8bb80bf76f32b2c2f199c16b53703",
"deprecated": false,
"id": "CVE-2022-49909-2c150221"
},
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d9ec6e2fbd4a565b2345d4852f586b7ae3ab41fd",
"deprecated": false,
"id": "CVE-2022-49909-5da09c7b"
},
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a3a7b2ac64de232edb67279e804932cb42f0b52a",
"deprecated": false,
"id": "CVE-2022-49909-6d773bdc"
},
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c1f594dddd9ffd747c39f49cc5b67a9b7677d2ab",
"deprecated": false,
"id": "CVE-2022-49909-7adef665"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1114.0,
"function_hash": "4611563768857367266859116127971197868"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d0e2d032811280b927650ff3c15fe5020e82533",
"deprecated": false,
"id": "CVE-2022-49909-83d97177"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1084.0,
"function_hash": "66264565776248773292065644453522227545"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@17c6164854f8bb80bf76f32b2c2f199c16b53703",
"deprecated": false,
"id": "CVE-2022-49909-84224e8e"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1114.0,
"function_hash": "4611563768857367266859116127971197868"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a3a7b2ac64de232edb67279e804932cb42f0b52a",
"deprecated": false,
"id": "CVE-2022-49909-8a300876"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1084.0,
"function_hash": "66264565776248773292065644453522227545"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c1f594dddd9ffd747c39f49cc5b67a9b7677d2ab",
"deprecated": false,
"id": "CVE-2022-49909-94d4ba0c"
},
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8f7e4cf0694149a5d999d676ebd9ecf1b4cb2cc9",
"deprecated": false,
"id": "CVE-2022-49909-982469cd"
},
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@db4a0783ed78beb2ebaa32f5f785bfd79c580689",
"deprecated": false,
"id": "CVE-2022-49909-b6fab030"
},
{
"signature_type": "Line",
"target": {
"file": "net/bluetooth/l2cap_core.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209601355075513705173262649130043214463",
"213181648149128164693613760357848564962",
"223390481684974432461685321749884618549"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7f7bfdd9a9af3b12c33d9da9a012e7f4d5c91f4b",
"deprecated": false,
"id": "CVE-2022-49909-db1d18f4"
},
{
"signature_type": "Function",
"target": {
"file": "net/bluetooth/l2cap_core.c",
"function": "l2cap_data_channel"
},
"signature_version": "v1",
"digest": {
"length": 1114.0,
"function_hash": "4611563768857367266859116127971197868"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8f7e4cf0694149a5d999d676ebd9ecf1b4cb2cc9",
"deprecated": false,
"id": "CVE-2022-49909-e20cdbf8"
}
]
}
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.9.333
- Type
- ECOSYSTEM
- Events
-
Introduced4.10.0Fixed4.14.299
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.265
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.224
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.154
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.78
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.0.8