CVE-2022-49116

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49116
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49116.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49116
Downstream
Related
Published
2025-02-26T01:54:59.129Z
Modified
2025-11-28T13:17:08.973182Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Bluetooth: use memset avoid memory leaks
Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: use memset avoid memory leaks

Use memset to initialize structs to prevent memory leaks in l2capecredconnect

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49116.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
da49b602f7f75ccc91386e1274b3ef71676cd092
Fixed
9567d54e70ff58c2695c2cc2e53c86c67551d3e6
Fixed
42b6a39f439b6f37cc2024d91ce547d83290ff78
Fixed
e9e55acee9b7a737ec7f5161b94a78932a5514c8
Fixed
d588c183a971b85c775ad66da563ee6e8bc8158f
Fixed
d3715b2333e9a21692ba16ef8645eda584a9515d

Affected versions

v5.*

v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.1
v5.10.10
v5.10.100
v5.10.101
v5.10.102
v5.10.103
v5.10.104
v5.10.105
v5.10.106
v5.10.107
v5.10.108
v5.10.109
v5.10.11
v5.10.110
v5.10.12
v5.10.13
v5.10.14
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.20
v5.10.21
v5.10.22
v5.10.23
v5.10.24
v5.10.25
v5.10.26
v5.10.27
v5.10.28
v5.10.29
v5.10.3
v5.10.30
v5.10.31
v5.10.32
v5.10.33
v5.10.34
v5.10.35
v5.10.36
v5.10.37
v5.10.38
v5.10.39
v5.10.4
v5.10.40
v5.10.41
v5.10.42
v5.10.43
v5.10.44
v5.10.45
v5.10.46
v5.10.47
v5.10.48
v5.10.49
v5.10.5
v5.10.50
v5.10.51
v5.10.52
v5.10.53
v5.10.54
v5.10.55
v5.10.56
v5.10.57
v5.10.58
v5.10.59
v5.10.6
v5.10.60
v5.10.61
v5.10.62
v5.10.63
v5.10.64
v5.10.65
v5.10.66
v5.10.67
v5.10.68
v5.10.69
v5.10.7
v5.10.70
v5.10.71
v5.10.72
v5.10.73
v5.10.74
v5.10.75
v5.10.76
v5.10.77
v5.10.78
v5.10.79
v5.10.8
v5.10.80
v5.10.81
v5.10.82
v5.10.83
v5.10.84
v5.10.85
v5.10.86
v5.10.87
v5.10.88
v5.10.89
v5.10.9
v5.10.90
v5.10.91
v5.10.92
v5.10.93
v5.10.94
v5.10.95
v5.10.96
v5.10.97
v5.10.98
v5.10.99
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.19
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.2
v5.6
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9567d54e70ff58c2695c2cc2e53c86c67551d3e6",
        "signature_type": "Line",
        "target": {
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-61b3a522",
        "digest": {
            "line_hashes": [
                "75207956293218027141648911576411255743",
                "332265880384339332157997097137615164802",
                "102174481499501720115409674879780714464"
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d588c183a971b85c775ad66da563ee6e8bc8158f",
        "signature_type": "Line",
        "target": {
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-6406bdf1",
        "digest": {
            "line_hashes": [
                "75207956293218027141648911576411255743",
                "332265880384339332157997097137615164802",
                "102174481499501720115409674879780714464"
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3715b2333e9a21692ba16ef8645eda584a9515d",
        "signature_type": "Function",
        "target": {
            "function": "l2cap_ecred_connect",
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-6d08e806",
        "digest": {
            "function_hash": "180560797148464385031859206891498176858",
            "length": 881.0
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d588c183a971b85c775ad66da563ee6e8bc8158f",
        "signature_type": "Function",
        "target": {
            "function": "l2cap_ecred_connect",
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-799ae26e",
        "digest": {
            "function_hash": "180560797148464385031859206891498176858",
            "length": 881.0
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3715b2333e9a21692ba16ef8645eda584a9515d",
        "signature_type": "Line",
        "target": {
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-898f3ebc",
        "digest": {
            "line_hashes": [
                "75207956293218027141648911576411255743",
                "332265880384339332157997097137615164802",
                "102174481499501720115409674879780714464"
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e9e55acee9b7a737ec7f5161b94a78932a5514c8",
        "signature_type": "Function",
        "target": {
            "function": "l2cap_ecred_connect",
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-8be6f4db",
        "digest": {
            "function_hash": "180560797148464385031859206891498176858",
            "length": 881.0
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e9e55acee9b7a737ec7f5161b94a78932a5514c8",
        "signature_type": "Line",
        "target": {
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-9ef86ca3",
        "digest": {
            "line_hashes": [
                "75207956293218027141648911576411255743",
                "332265880384339332157997097137615164802",
                "102174481499501720115409674879780714464"
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@42b6a39f439b6f37cc2024d91ce547d83290ff78",
        "signature_type": "Line",
        "target": {
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-b5358f17",
        "digest": {
            "line_hashes": [
                "75207956293218027141648911576411255743",
                "332265880384339332157997097137615164802",
                "102174481499501720115409674879780714464"
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9567d54e70ff58c2695c2cc2e53c86c67551d3e6",
        "signature_type": "Function",
        "target": {
            "function": "l2cap_ecred_connect",
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-c3a0f6ef",
        "digest": {
            "function_hash": "180560797148464385031859206891498176858",
            "length": 881.0
        }
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@42b6a39f439b6f37cc2024d91ce547d83290ff78",
        "signature_type": "Function",
        "target": {
            "function": "l2cap_ecred_connect",
            "file": "net/bluetooth/l2cap_core.c"
        },
        "deprecated": false,
        "id": "CVE-2022-49116-d86cc03c",
        "digest": {
            "function_hash": "180560797148464385031859206891498176858",
            "length": 881.0
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.7.0
Fixed
5.10.111
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.34
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.20
Type
ECOSYSTEM
Events
Introduced
5.17.0
Fixed
5.17.3