CVE-2022-3565

CWE-119 — Buffer Overflow CWE-662 CWE-416 — Use After Free19 documents7 sources

Severity

7.8HIGH

EPSS

0.0%

top 93.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Linux Kernel

Timeline

PublishedOct 17

Latest updateMar 3

Description

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.2 | Impact: 3.4

Affected Packages3 packages

▶NVDlinux/linux_kernel2.6.27 — 4.9.331+7

▶CVEListV5linux/kerneln/a

▶Debianlinux< 5.10.158-1+3

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-w8wm-5qpx-c8j6: A vulnerability, which was classified as critical, has been found in Linux Kernel↗2022-10-18

▶

CVEList

Linux Kernel Bluetooth l1oip_core.c del_timer use after free↗2022-10-17

▶

OSV

CVE-2022-3565: A vulnerability, which was classified as critical, has been found in Linux Kernel↗2022-10-17

▶

📋Vendor Advisories

Ubuntu

Linux kernel (OEM) vulnerabilities↗2023-03-03

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2022-12-14

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2022-12-12

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2022-12-12

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2022-12-12

▶