#VU104635 NULL pointer dereference in Linux kernel - CVE-2022-49139
Vulnerability identifier: #VU104635
Vulnerability risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-476
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_sync_conn_complete_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 5.17, 5.17 rc1, 5.17 rc2, 5.17 rc3, 5.17 rc4, 5.17 rc5, 5.17 rc6, 5.17 rc7, 5.17 rc8, 5.17 rc9, 5.17 rc12, 5.17.1, 5.17.2
External links
https://git.kernel.org/stable/c/0f9db1209f59844839175b5b907d3778cafde93d
https://git.kernel.org/stable/c/1c1291a84e94f6501644634c97544bb8291e9a1a
https://git.kernel.org/stable/c/3afee2118132e93e5f6fa636dfde86201a860ab3
https://git.kernel.org/stable/c/c1aa0dd52db4ce888be0bd820c3fa918d350ca0b
https://git.kernel.org/stable/c/f61c23e73dc653b957781066abfa8105c3fa3f5b
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.3
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
