CVE-2022-3637

2022-10-2111:15:09

Debian Security Bug Tracker

security-tracker.debian.org

vulnerability

linux kernel

jlink_init

bluez

denial of service

patch

vdb-211936

unix

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.6%

JSON

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlink_init of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211936.

OSVersionArchitecturePackageVersionFilename
Debian12allbluez< 5.66-1+deb12u2bluez_5.66-1+deb12u2_all.deb
Debian11allbluez< 5.55-3.1+deb11u1bluez_5.55-3.1+deb11u1_all.deb
Debian999allbluez< 5.73-1bluez_5.73-1_all.deb
Debian13allbluez< 5.71-1bluez_5.71-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	bluez	< 5.66-1+deb12u2	bluez_5.66-1+deb12u2_all.deb
Debian	11	all	bluez	< 5.55-3.1+deb11u1	bluez_5.55-3.1+deb11u1_all.deb
Debian	999	all	bluez	< 5.73-1	bluez_5.73-1_all.deb
Debian	13	all	bluez	< 5.71-1	bluez_5.71-1_all.deb