CVE-2022-3619

Published: Oct 20, 2022Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211918 is the identifier assigned to this vulnerability.

Affected (1)

Products: Linux: Linux Kernel

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	All versions

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

References (4)

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=97097c85c088e11651146da32a4e1cdb9dfa6193

Source: cna@vuldb.com

ExploitMailing ListPatchVendor Advisory

https://vuldb.com/?id.211918

Source: cna@vuldb.com

Third Party Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=97097c85c088e11651146da32a4e1cdb9dfa6193

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListPatchVendor Advisory

https://vuldb.com/?id.211918

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.