CVE-2022-49139 Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt

🗓️ 26 Feb 2025 01:55:11Reported by LinuxType

Vulnerability CVE-2022-49139 fixed null pointer dereference in Bluetooth HCI synchronous connection event.

Reporter	Title	Published	Views	Family All 211
AstraLinux	Astra Linux - уязвимость в linux-5.10, linux	20 May 202605:53	–	astralinux
CNNVD	Linux kernel 安全漏洞	26 Feb 202500:00	–	cnnvd
CVE	CVE-2022-49139	26 Feb 202501:55	–	cve
Debian CVE	CVE-2022-49139	26 Feb 202501:55	–	debiancve
EUVD	EUVD-2022-55084	3 Oct 202520:07	–	euvd
NVD	CVE-2022-49139	26 Feb 202507:00	–	nvd
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:01620-1)	22 May 202500:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:01982-1)	19 Jun 202500:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:01983-1)	19 Jun 202500:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:02262-1)	11 Jul 202500:00	–	openvas

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bluetooth/hci_event.c"
    ],
    "versions": [
      {
        "version": "efc7688b557dd1be10eead7399b315efcb1dbc74",
        "lessThan": "1c1291a84e94f6501644634c97544bb8291e9a1a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "efc7688b557dd1be10eead7399b315efcb1dbc74",
        "lessThan": "0f9db1209f59844839175b5b907d3778cafde93d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "efc7688b557dd1be10eead7399b315efcb1dbc74",
        "lessThan": "c1aa0dd52db4ce888be0bd820c3fa918d350ca0b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "efc7688b557dd1be10eead7399b315efcb1dbc74",
        "lessThan": "f61c23e73dc653b957781066abfa8105c3fa3f5b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "efc7688b557dd1be10eead7399b315efcb1dbc74",
        "lessThan": "3afee2118132e93e5f6fa636dfde86201a860ab3",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bluetooth/hci_event.c"
    ],
    "versions": [
      {
        "version": "2.6.30",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "2.6.30",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.4.231",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.167",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.92",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.17.3",
        "lessThanOrEqual": "5.17.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.18",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/3afee2118132e93e5f6fa636dfde86201a860ab3
git	www.git.kernel.org/stable/c/c1aa0dd52db4ce888be0bd820c3fa918d350ca0b
git	www.git.kernel.org/stable/c/0f9db1209f59844839175b5b907d3778cafde93d
git	www.git.kernel.org/stable/c/1c1291a84e94f6501644634c97544bb8291e9a1a
git	www.git.kernel.org/stable/c/f61c23e73dc653b957781066abfa8105c3fa3f5b

11 May 2026 18:53Current

EPSS0.0007

cve-2022-49139 bluetooth vulnerability null pointer dereference linux kernel event