CVE-2022-50386Use After Free in Linux

CWE-416Use After Free5 documents5 sources
Severity
8.0HIGHNVD
EPSS
0.0%
top 87.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref *kref) Bluetooth: chan 0000000023c4974d Bluetooth: parent 00000000ae861c08 BUG: KASAN: use-after-free in __mutex_waiter_is_first kernel/locking/mutex.c:191 [inline] BUG: KASAN: use-after-free in __mutex_lock_common

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel4.104.14.296+7
Debianlinux/linux_kernel< 5.10.158-1+3
CVEListV5linux/linux3df91ea20e744344100b10ae69a17211fcf5b20711e40d6c0823f699d8ad501e48d1c3ae4be386cd+9
debiandebian/linux< linux 6.0.3-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50386: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() afte2025-09-18
GHSA
GHSA-q9hj-m4q6-fcrh: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() af2025-09-18

📋Vendor Advisories

2
Red Hat
kernel: Bluetooth: L2CAP: Fix user-after-free2025-09-18
Debian
CVE-2022-50386: linux - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ...2022
CVE-2022-50386 — Use After Free in Linux | cvebase