CVE-2022-42896

CVE Details

Release Date:	2022-11-03
Impact:	Important	What is this?

Description

There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url

See more information about CVE-2022-42896 from MITRE CVE dictionary and NIST NVD

NOTE: The following CVSS metrics and score provided are preliminary and subject to review.

CVSS v3 metrics

Base Score:	8.1
Vector String:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Version:	3.0
Attack Vector:	Adjacent_Network
Attack Complexity:	Low
Privileges Required:	None
User Interaction:	None
Scope:	Unchanged
Confidentiality Impact:	High
Integrity Impact:	High
Availability Impact:	None

Errata information

Platform	Errata	Release Date
Oracle Linux version 6 (kernel-uek)	ELSA-2023-12109	2023-02-07
Oracle Linux version 7 (kernel)	ELSA-2024-1249	2024-03-20
Oracle Linux version 7 (kernel-uek)	ELSA-2023-12109	2023-02-07
Oracle Linux version 7 (kernel-uek)	ELSA-2023-12117	2023-02-13
Oracle Linux version 7 (kernel-uek)	ELSA-2023-12119	2023-02-14
Oracle Linux version 7 (kernel-uek-container)	ELSA-2023-12118	2023-02-14
Oracle Linux version 7 (kernel-uek-container)	ELSA-2023-12121	2023-02-14
Oracle Linux version 8 (kernel)	ELSA-2023-4517	2023-08-10
Oracle Linux version 8 (kernel-uek)	ELSA-2023-12017	2023-01-12
Oracle Linux version 8 (kernel-uek)	ELSA-2023-12119	2023-02-14
Oracle Linux version 8 (kernel-uek-container)	ELSA-2023-12018	2023-01-12
Oracle Linux version 8 (kernel-uek-container)	ELSA-2023-12121	2023-02-14
Oracle Linux version 9 (kernel)	ELSA-2023-2458	2023-05-15
Oracle Linux version 9 (kernel-uek)	ELSA-2023-12017	2023-01-12