exploitDog

CVE-2022-3565

Опубликовано: 17 окт. 2022

Источник: nvd

CVSS3: 4.6

CVSS3: 7.8

EPSS Низкий

Описание

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

Ссылки

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
Mailing List
Third Party Advisory
https://vuldb.com/?id.211088
Permissions Required
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
Mailing List
Third Party Advisory
https://vuldb.com/?id.211088
Permissions Required

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 2.6.27 (включая) до 4.9.331 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.10 (включая) до 4.14.296 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.262 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.220 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.10.150 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.75 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 5.19.17 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.0 (включая) до 6.0.3 (исключая)

EPSS

Процентиль: 7%

0.00031

Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-119

CWE-662

Связанные уязвимости

CVE-2022-3565

CVSS3: 4.6

ubuntu

больше 2 лет назад

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

CVE-2022-3565

CVSS3: 7

redhat

больше 2 лет назад

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

CVE-2022-3565

CVSS3: 4.6

debian

больше 2 лет назад

A vulnerability, which was classified as critical, has been found in L ...

GHSA-w8wm-5qpx-c8j6

CVSS3: 8

github

больше 2 лет назад

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

BDU:2022-06620

CVSS3: 8

fstec

больше 3 лет назад

Уязвимость функции del_timer компонента drivers/isdn/mISDN/l1oip_core.c ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 7%

0.00031

Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-119

CWE-662