CVE-2022-50339 – This is a race condition vulnerability in the L... (How to Fix)

Q: What is the severity of CVE-2022-50339?

CVE-2022-50339 has a CVSS score of 7.0 (HIGH). This is a race condition vulnerability in the Linux kernel's Bluetooth subsystem that can cause a kernel panic or system crash. It occurs when multiple processes attempt to initialize and remove Bluetooth management interfaces simultaneously, leading to use of uninitialized work structures. Systems using Bluetooth functionality with affected kernel versions are vulnerable.

📋 TL;DR

This is a race condition vulnerability in the Linux kernel's Bluetooth subsystem that can cause a kernel panic or system crash. It occurs when multiple processes attempt to initialize and remove Bluetooth management interfaces simultaneously, leading to use of uninitialized work structures. Systems using Bluetooth functionality with affected kernel versions are vulnerable.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not explicitly stated in CVE, but patches were committed to stable branches. Likely affects multiple kernel versions before the fix.

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Bluetooth functionality enabled and in use. The vulnerability is triggered during Bluetooth management operations.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially requiring physical reboot of affected systems.

🟠

Likely Case

System instability or crash when Bluetooth operations are performed concurrently by multiple processes or users.

🟢

If Mitigated

Minimal impact if Bluetooth functionality is disabled or not in use, or if systems are patched.

🌐 Internet-Facing: LOW - This vulnerability requires local access or Bluetooth proximity to exploit.

🏢 Internal Only: MEDIUM - Local users or processes on affected systems could trigger the race condition, causing system instability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires triggering a specific race condition during Bluetooth operations. The vulnerability was discovered through syzbot fuzzing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees. Specific version depends on distribution.

Vendor Advisory: https://git.kernel.org/stable/c/e53c6180db8dd09de94e0a3bdf4fef6f5f9dd6e6

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. For custom kernels, apply commit e53c6180db8dd09de94e0a3bdf4fef6f5f9dd6e6 or f74ca25d6d6629ffd4fd80a1a73037253b57d06b. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable Bluetooth

linux

Disable Bluetooth functionality to prevent the race condition from being triggered.

sudo systemctl stop bluetooth
sudo systemctl disable bluetooth
sudo rfkill block bluetooth

🧯 If You Can't Patch

Disable Bluetooth functionality completely using system controls
Restrict Bluetooth access to trusted users only and monitor for abnormal Bluetooth operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories. Vulnerable if using unpatched kernel with Bluetooth enabled.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to patched version and check that Bluetooth functionality works without crashes during concurrent operations.

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages related to Bluetooth
System crash logs mentioning mgmt_index_removed or hci_dev functions
Bluetooth subsystem errors in dmesg

Network Indicators:

Abnormal Bluetooth connection patterns that could trigger race conditions

SIEM Query:

source="kernel" AND ("panic" OR "oops") AND ("bluetooth" OR "hci" OR "mgmt")

📊 Metadata

CVE ID: CVE-2022-50339

CVSS v3 Score: 7.0 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-362

EPSS Score: 0.01% exploit probability (0.8th percentile)

Published: September 16, 2025

Last Updated: January 14, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-50339, you might also want to check these: