CVE-2022-3565

MEDIUM 4.6

Linux Kernel Bluetooth l1oip_core.c del_timer use after free

CVSS Score

4.6

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

CWE	CWE-119
Vendor	linux
Product	kernel
Ecosystems	Linux Kernel
Industries	Technology
Published	Oct 17, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for linux kernel

Be the first to know when new medium vulnerabilities affecting linux kernel are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected Versions

Linux / Kernel

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f vuldb.com: https://vuldb.com/?id.211088 lists.debian.org: https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html