QwikSec

Security Database

CVE

CWE

Training

CVE-2022-3640

Published: Oct 21, 2022

Modified: Aug 3, 2024

PUBLISHED

CVSS v3.1

5.5

MEDIUM

Description

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.

Vendor	Product	Versions
Linux	Kernel	affected `n/a`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

References

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979

https://vuldb.com/?id.211944

FEDORA-2022-64ab9153c0

vendor-advisory

FEDORA-2022-65a0a3504a

vendor-advisory

FEDORA-2022-7aadaadebc

vendor-advisory

[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update

mailing-list

[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.