4 matches found
CVE-2022-49910
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...
CVE-2022-49910
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...
CVE-2022-49910
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...
CVE-2022-49910
CVE-2022-49910 (Linux kernel) : A race between two Bluetooth L2CAP flows can cause a use-after-free in l2cap_rx_state_recv (kernel 5.19.8). Specifically, an SKB queued by l2cap_reassemble_sdu may be freed by bt_sock_recvmsg/sock path, while code still accesses l2cap_ctrl in the SKB CB after l2cap...