Lucene search
HistoryNov 27, 2022 - 4:15 a.m.
CVE-2022-45934
linux kernel
integer wraparound
l2cap_config_req
bluetooth
cve-2022-45934
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
14.2%
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
Affected configurations
Node
linuxlinux_kernelRange2.6.32–4.9.337
ORlinuxlinux_kernelRange4.10–4.14.303
ORlinuxlinux_kernelRange4.15–4.19.270
ORlinuxlinux_kernelRange4.20–5.4.229
ORlinuxlinux_kernelRange5.5–5.10.161
ORlinuxlinux_kernelRange5.11–5.15.85
ORlinuxlinux_kernelRange5.16–6.0.15
Node
fedoraprojectfedoraMatch37
Node
netapph410cMatch-
netapph410c_firmwareMatch-
Node
netapph300sMatch-
netapph300s_firmwareMatch-
Node
netapph500sMatch-
netapph500s_firmwareMatch-
Node
netapph700sMatch-
netapph700s_firmwareMatch-
Node
netapph410sMatch-
netapph410s_firmwareMatch-
Node
debiandebian_linuxMatch11.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| fedoraproject | fedora | 37 | cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* |
| netapp | h410c | - | cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* |
| netapp | h410c_firmware | - | cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* |
| netapp | h300s | - | cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* |
| netapp | h300s_firmware | - | cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* |
| netapp | h500s | - | cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* |
| netapp | h500s_firmware | - | cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* |
| netapp | h700s | - | cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* |
| netapp | h700s_firmware | - | cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* |
References
git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d
lists.debian.org/debian-lts-announce/2023/03/msg00000.html
lists.debian.org/debian-lts-announce/2023/05/msg00006.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDAKCGDW6CQ6G3RZWYZJO454R3L5CTQB/
security.netapp.com/advisory/ntap-20230113-0008/
www.debian.org/security/2023/dsa-5324
Related
redhatcve
redhatcve
CVE-2022-45934
2022-12-08 18:04:54
CVE-2022-3564
2022-12-05 20:01:14
githubexploit
githubexploit
Exploit for Integer Overflow or Wraparound in Linux Linux Kernel
2023-01-20 10:03:07
Exploit for Integer Overflow or Wraparound in Linux Linux Kernel
2023-03-24 08:16:44
Exploit for Integer Overflow or Wraparound in Linux Linux Kernel
2023-01-20 05:00:05
cve
cve
CVE-2022-45934
2022-11-27 04:15:10
debiancve
debiancve
CVE-2022-45934
2022-11-27 04:15:10
fedora
fedora
[SECURITY] Fedora 37 Update: kernel-6.0.15-300.fc37
2022-12-25 01:10:11
veracode
veracode
Integer Wraparound
2023-01-17 17:02:26
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2022-45934)
2023-03-20 00:00:00
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5809-1)
2023-01-17 00:00:00
Ubuntu 16.04 ESM : Linux kernel (AWS) vulnerabilities (USN-5794-1)
2023-01-07 00:00:00
cvelist
cvelist
CVE-2022-45934
2022-11-27 00:00:00
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2022-90162a1d88)
2022-12-25 00:00:00
Ubuntu: Security Advisory (USN-5809-1)
2023-01-18 00:00:00
Ubuntu: Security Advisory (USN-5863-1)
2023-02-10 00:00:00
ubuntucve
ubuntucve
CVE-2022-45934
2022-11-27 00:00:00
prion
prion
Design/Logic Flaw
2022-11-27 04:15:00
cbl_mariner
cbl_mariner
CVE-2022-45934 affecting package kernel 5.10.158.1-1
2023-01-12 20:55:10
CVE-2022-45934 affecting package kernel for versions less than 5.15.86.1-1
2023-01-17 16:47:16
osv
osv
kernel-devel-6.0.12-1.1 on GA media
2024-06-15 00:00:00
linux-oem-5.14 vulnerabilities
2023-01-17 18:10:42
linux-azure vulnerabilities
2023-02-09 23:17:58
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2023-01-17 00:00:00
Linux kernel vulnerabilities
2023-01-19 00:00:00
Linux kernel vulnerabilities
2023-01-12 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-03-07 00:00:00
Unbreakable Enterprise kernel security update
2023-03-17 00:00:00
Unbreakable Enterprise kernel-container security update
2023-03-17 00:00:00
amazon
amazon
Important: kernel
2023-02-03 19:19:00
Important: kernel
2023-02-03 19:19:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0318
2023-01-21 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0527
2023-02-07 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2023-01-22 23:39:23
Updated kernel packages fix security vulnerabilities
2023-01-22 23:39:23
cloudlinux
cloudlinux
kernel: Fix of 13 CVEs
2024-01-17 12:32:48
kernel: Fix of 13 CVEs
2024-01-17 12:28:37
debian
debian
[SECURITY] [DSA 5324-1] linux security update
2023-01-23 20:11:44
[SECURITY] [DLA 3349-1] linux-5.10 security update
2023-03-02 22:05:14
[SECURITY] [DLA 3403-1] linux security update
2023-05-03 12:01:28
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-02-18 02:15:39
rocky
rocky
kernel-rt security and bug fix update
2024-06-14 13:59:36
kernel security, bug fix, and enhancement update
2024-06-14 13:59:16
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple kernel vulnerabilities
2024-06-07 15:32:38
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-06-26 16:06:34
redhat
redhat
(RHSA-2024:2950) Moderate: kernel-rt security and bug fix update
2024-05-22 06:35:10
(RHSA-2024:3138) Moderate: kernel security, bug fix, and enhancement update
2024-05-22 06:35:43
(RHSA-2024:2394) Important: kernel security, bug fix, and enhancement update
2024-04-30 06:15:35
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
14.2%
Related for NVD:CVE-2022-45934