{"id":"CVE-2022-3640","details":"A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.","modified":"2026-04-03T13:14:29.307789Z","published":"2022-10-21T15:15:09.427Z","related":["ALSA-2023:2148","ALSA-2023:2458","ALSA-2023:7077","SUSE-SU-2022:3897-1","SUSE-SU-2022:3929-1","SUSE-SU-2022:3998-1","SUSE-SU-2022:4053-1","SUSE-SU-2022:4072-1","SUSE-SU-2022:4516-1","SUSE-SU-2022:4517-1","SUSE-SU-2022:4544-1","SUSE-SU-2022:4559-1","SUSE-SU-2022:4560-1","SUSE-SU-2022:4617-1","SUSE-SU-2025:01918-1","SUSE-SU-2025:01966-1","SUSE-SU-2025:02173-1","SUSE-SU-2025:02262-1","openSUSE-SU-2024:12456-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGOIRR72OAFE53XZRUDZDP7INGLIC3E3/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OD7VWUT7YAU4CJ247IF44NGVOAODAJGC/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG2UPX3MQ7RKRJEUMGEH2TLPKZJCBU5C/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"},{"type":"ADVISORY","url":"https://vuldb.com/?id.211944"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.9.326"},{"fixed":"4.9.333"}]},{"events":[{"introduced":"4.14.291"},{"fixed":"4.14.299"}]},{"events":[{"introduced":"4.19.255"},{"fixed":"4.19.265"}]},{"events":[{"introduced":"5.4.209"},{"fixed":"5.4.224"}]},{"events":[{"introduced":"5.10.135"},{"fixed":"5.10.154"}]},{"events":[{"introduced":"5.15.59"},{"fixed":"5.15.79"}]},{"events":[{"introduced":"5.18.16"},{"fixed":"6.0.8"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"37"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3640.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}