CVE-2022-49139

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's Bluetooth subsystem allows local attackers to cause a kernel panic (denial of service) by sending specially crafted Bluetooth packets. This affects systems with Bluetooth enabled and requires local access or ability to send Bluetooth packets to the target system.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but patches available for multiple stable branches
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when Bluetooth is enabled and system processes Bluetooth packets. Requires local access or ability to send Bluetooth packets to target.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially requiring physical or remote console access to reboot.

🟠 Likely Case: Local denial of service through kernel panic, requiring system reboot to restore functionality.

🟢 If Mitigated: No impact if Bluetooth is disabled or proper access controls prevent local attackers from sending Bluetooth packets.

🌐 Internet-Facing: LOW - Requires local access or ability to send Bluetooth packets, not directly exploitable over internet.
🏢 Internal Only: MEDIUM - Local attackers or malicious insiders with Bluetooth access could cause denial of service.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to send Bluetooth packets to target system. Local access or proximity needed for Bluetooth communication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with fixes: 0f9db1209f59844839175b5b907d3778cafde93d and others

Vendor Advisory: https://git.kernel.org/stable/c/0f9db1209f59844839175b5b907d3778cafde93d

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable Bluetooth

linux

Completely disable Bluetooth subsystem to prevent exploitation

sudo systemctl stop bluetooth
sudo systemctl disable bluetooth
sudo rfkill block bluetooth

Restrict Bluetooth access

linux

Use MAC address filtering or disable Bluetooth discovery to limit attack surface

sudo hciconfig hci0 noscan
sudo btmgmt power off

🧯 If You Can't Patch

  • Disable Bluetooth completely on affected systems
  • Implement strict access controls to prevent unauthorized local users from accessing Bluetooth interfaces

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories. Vulnerable if running unpatched kernel with Bluetooth enabled.

Check Version:

uname -r

Verify Fix Applied:

Check kernel version after update matches patched version. Verify Bluetooth functionality still works without crashes.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg
  • Bluetooth subsystem crashes
  • System reboots without clear cause

Network Indicators:

  • Unusual Bluetooth packet patterns targeting hci_sync_conn_complete_evt

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "NULL pointer dereference") AND "bluetooth"
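Added example, not part of the original advisory: the query above matches one event at a time, but a kernel oops is spread over many log lines, so the crash marker and the Bluetooth frame usually sit on different lines. The sketch below correlates them; the function names, the 30-line window and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Per-line form of the query above: crash marker AND "bluetooth" on one line.
per_line_scan() {
    grep -E 'panic|Oops|NULL pointer dereference' | grep -i 'bluetooth'
}

# Block-aware form: print each crash marker line that is followed, within
# WINDOW lines or before the end of the trace, by a Bluetooth reference.
bt_crash_scan() {
    awk -v window="${WINDOW:-30}" '
        /[Pp]anic|Oops|NULL pointer dereference/ {
            if (left <= 0) { marker = $0; hit = 0 }   # first marker opens a block
            left = window                             # later markers extend it
        }
        left > 0 {
            # "bluetooth" in any case, or the handler named on this page
            if (!hit && (tolower($0) ~ /bluetooth/ || $0 ~ /hci_sync_conn_complete_evt/)) {
                print marker
                hit = 1
            }
            left--
        }
        /end trace/ { left = 0 }                      # oops footer closes the block
    '
}

# Constructed sample: one Bluetooth oops, one unrelated oops, benign BT lines.
sample_log() {
cat <<'EOF'
[   10.100000] Bluetooth: Core ver 2.22
[  500.000001] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  500.000002] Oops: 0000 [#1] SMP
[  500.000003] RIP: 0010:hci_sync_conn_complete_evt+0x00/0x00 [bluetooth]
[  500.000004] ---[ end trace 0000000000000000 ]---
[  900.000001] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  900.000002] RIP: 0010:example_fs_write+0x00/0x00 [examplefs]
[  900.000003] ---[ end trace 0000000000000000 ]---
[  901.000000] Bluetooth: hci0: example benign status line
EOF
}

# On a live host: dmesg | bt_crash_scan   or   journalctl -k | bt_crash_scan
sample_log | bt_crash_scan
```

On the sample, the per-line filter returns nothing while the block-aware scan reports only the first oops; a SIEM rule needs multi-line event grouping or a transaction over the kernel source to get the same result.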
