DEBIAN-CVE-2022-50339
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50339
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50339.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-50339
- Upstream
- Published
- 2025-09-16T17:15:32Z
- Modified
- 2025-09-19T06:17:40Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag() in mgmtinithdev() syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved() [1], for setting of HCIMGMT flag from mgmtinithdev() from hcimgmtcmd() from hcisocksendmsg() can race with testing of HCIMGMT flag from mgmtindexremoved() from hcisockbind() due to lack of serialization via hcidevlock(). Since mgmtinithdev() is called with mgmtchanlistlock held, we can safely split hcidevtestandsetflag() into hcidevtestflag() and hcidevsetflag(). Thus, in order to close this race, set HCIMGMT flag after INITDELAYEDWORK() completed. This is a local fix based on mgmtchanlistlock. Lack of serialization via hcidevlock() might be causing different race conditions somewhere else. But a global fix based on hcidev_lock() should deserve a future patch.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source