Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works syzbot is reporting attempt to schedule hdev->cmd_work work from system_wq WQ into hdev->workqueue WQ which is under draining operation [1], for commit c8efcc2589464ac7 ("workqueue: allow chained queueing during destruction") does not allow such operation. The check introduced by commit 877afadad2dce8aa ("Bluetooth: When HCI work queue is drained, only queue chained work") was incomplete. Use hdev->workqueue WQ when queuing hdev->{cmd,ncmd}_timer works because hci_{cmd,ncmd}_timeout() calls queue_work(hdev->workqueue). Also, protect the queuing operation with RCU read lock in order to avoid calling queue_delayed_work() after cancel_delayed_work() completed.

INFO

Published Date :

2025-12-30T12:10:54.342Z

Last Modified :

2025-12-30T12:10:54.342Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-50833 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-50833.

URL Resource
https://git.kernel.org/stable/c/3c6b036fe5c8ed8b6c4cbdc03605929882907ef0 cve-icon cve-icon
https://git.kernel.org/stable/c/c4635cf3d845a7324c25c52d549b70c8bd7ad4c7 cve-icon cve-icon
https://git.kernel.org/stable/c/deee93d13d385103205879a8a0915036ecd83261 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025123017-CVE-2022-50833-92af@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-50833 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-50833 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact