CVE-2022-50386
Description
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref *kref) Bluetooth: chan 0000000023c4974d Bluetooth: parent 00000000ae861c08 ================================================================== BUG: KASAN: use-after-free in __mutex_waiter_is_first kernel/locking/mutex.c:191 [inline] BUG: KASAN: use-after-free in __mutex_lock_common kernel/locking/mutex.c:671 [inline] BUG: KASAN: use-after-free in __mutex_lock+0x278/0x400 kernel/locking/mutex.c:729 Read of size 8 at addr ffff888006a49b08 by task kworker/u3:2/389
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| โ | Affected | โ |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 6.0.3-1 |
| sid | Fixed | 6.0.3-1 |
| forky | Fixed | 6.0.3-1 |
| bullseye | Fixed | 5.10.158-1 |
| bookworm | Fixed | 6.0.3-1 |
Red Hat Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | โ |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | โ |
References
- https://errata.rockylinux.org/RLSA-2025:19103
- https://errata.rockylinux.org/RLSA-2025:19102
- https://www.suse.com/security/cve/CVE-2022-50386.html
- https://security-tracker.debian.org/tracker/CVE-2022-50386
- https://access.redhat.com/errata/RHSA-2025:19102
- https://bugzilla.redhat.com/2395681
- https://bugzilla.redhat.com/2395805
- https://bugzilla.redhat.com/2396419
- https://bugzilla.redhat.com/2396431
- https://bugzilla.redhat.com/2396928
- https://bugzilla.redhat.com/2396944
- https://errata.almalinux.org/8/ALSA-2025-19102.html
- https://access.redhat.com/errata/RHSA-2025:19103
- https://errata.almalinux.org/8/ALSA-2025-19103.html
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.