Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Use del_timer_sync() before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling del_timer() instead of del_timer_sync() just before freeing. One possible culprit is the hci_qca driver, which does exactly that. Eric mentioned that wake_retrans_timer could be rearmed via the work queue, so also move the destruction of the work queue before del_timer_sync().

INFO

Published Date :

2025-02-26T02:14:03.150Z

Last Modified :

2025-05-04T08:40:27.341Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49555 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49555.

URL Resource
https://git.kernel.org/stable/c/2717654ae022e6ea959a4b7b762702fe1a4690c2 cve-icon cve-icon
https://git.kernel.org/stable/c/37d17f63d085d601011964ade7371aeebeb6ed4b cve-icon cve-icon
https://git.kernel.org/stable/c/4989bb03342941f2b730b37dfa38bce27b543661 cve-icon cve-icon
https://git.kernel.org/stable/c/72ef98445aca568a81c2da050532500a8345ad3a cve-icon cve-icon
https://git.kernel.org/stable/c/db03727b4bbbbb36e6ef4cb655c670eefb6448e9 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022616-CVE-2022-49555-64d2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49555 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49555 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact