Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-3640

Опубликовано: 21 окт. 2022
Источник: nvd
CVSS3: 5.5
CVSS3: 8.8
EPSS Низкий

Описание

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.9.326 (включая) до 4.9.333 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.14.291 (включая) до 4.14.299 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.19.255 (включая) до 4.19.265 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.4.209 (включая) до 5.4.224 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.10.135 (включая) до 5.10.154 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.15.59 (включая) до 5.15.79 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.18.16 (включая) до 6.0.8 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 3%
0.00018
Низкий

5.5 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-119
CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2022-3640

CVSS3: 5.5
ubuntu
больше 2 лет назад

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.

redhat логотип

CVE-2022-3640

CVSS3: 7.1
redhat
больше 2 лет назад

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.

debian логотип

CVE-2022-3640

CVSS3: 5.5
debian
больше 2 лет назад

A vulnerability, which was classified as critical, was found in Linux ...

github логотип

GHSA-hx6h-vxvg-2g6w

CVSS3: 8.8
github
больше 2 лет назад

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.

fstec логотип

BDU:2022-06550

CVSS3: 8.8
fstec
больше 2 лет назад

Уязвимость функции l2cap_conn_del() (net/bluetooth/l2cap_core.c) ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 3%
0.00018
Низкий

5.5 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-119
CWE-416