CVE-2022-49910 – This is a use-after-free vulnerability in the L... (How to Fix)

Q: What is the severity of CVE-2022-49910?

CVE-2022-49910 has a CVSS score of 7.8 (HIGH). This is a use-after-free vulnerability in the Linux kernel's Bluetooth L2CAP implementation that allows local attackers to potentially crash the system or execute arbitrary code. It affects Linux systems with Bluetooth enabled, particularly those running vulnerable kernel versions. The vulnerability occurs due to a race condition in how Bluetooth data packets are processed.

📋 TL;DR

This is a use-after-free vulnerability in the Linux kernel's Bluetooth L2CAP implementation that allows local attackers to potentially crash the system or execute arbitrary code. It affects Linux systems with Bluetooth enabled, particularly those running vulnerable kernel versions. The vulnerability occurs due to a race condition in how Bluetooth data packets are processed.

💻 Affected Systems

Products:

Linux kernel

Versions: Kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions with vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Bluetooth enabled and configured. The vulnerability is in the kernel's Bluetooth subsystem.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level code execution, potentially leading to complete system compromise.

🟠

Likely Case

Kernel panic or system crash causing denial of service.

🟢

If Mitigated

Limited impact if Bluetooth is disabled or if proper kernel hardening is in place.

🌐 Internet-Facing: LOW - Requires local access to the system.

🏢 Internal Only: MEDIUM - Local attackers on multi-user systems or compromised user accounts could exploit this.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to trigger the race condition. No public exploits are known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 03af22e23b96, 3aff8aaca4e3, 4cd094fd5d87, 6c7407bfbeaf, 8278a87bb1ee

Vendor Advisory: https://git.kernel.org/stable/c/03af22e23b96fb7ef75fb7885407ef457e8b403d

Restart Required: Yes

Instructions:

1. Update Linux kernel to a version containing the fix commits. 2. Check your distribution's security advisories for specific patched versions. 3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable Bluetooth

linux

Completely disable Bluetooth functionality to prevent exploitation

systemctl stop bluetooth
systemctl disable bluetooth
rfkill block bluetooth

Blacklist Bluetooth kernel modules

linux

Prevent Bluetooth modules from loading

echo 'blacklist btusb' >> /etc/modprobe.d/blacklist-bluetooth.conf
echo 'blacklist bluetooth' >> /etc/modprobe.d/blacklist-bluetooth.conf

🧯 If You Can't Patch

Disable Bluetooth on all affected systems
Implement strict access controls to limit local user privileges

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories. Vulnerable if running kernel versions before the fix commits.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to a patched version and check that Bluetooth functionality still works properly.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
KASAN reports of use-after-free in l2cap_rx_state_recv
Bluetooth subsystem crashes

Network Indicators:

Unusual Bluetooth connection attempts from local users

SIEM Query:

Search for kernel logs containing 'KASAN: use-after-free' or 'l2cap_rx_state_recv'

📊 Metadata

CVE ID: CVE-2022-49910

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

EPSS Score: 0.02% exploit probability (5.9th percentile)

Published: May 1, 2025

Last Updated: November 11, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49910, you might also want to check these: