We found results for “”
CVE-2022-42895
Good to know:
Date: November 23, 2022
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url
Language: C
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Access of Uninitialized Pointer
CWE-824Top Fix
Upgrade Version
Upgrade to version v4.9.333,v4.14.299,v4.19.265,v5.4.224,v5.10.154,v5.15.78,v6.0.8
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | ADJACENT_NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |