CVE-2022-49474

Summary

CVE-2022-49474 is a vulnerability in the Linux kernel that affects Bluetooth functionality. This issue arises when a socket is connected twice in quick succession, resulting in a race condition where two sco_conn objects are created but only one is associated with the socket. If the socket is closed before the SCO connection is established, the timer associated with the dangling sco_conn object is not canceled, leading to a use-after-free problem when the socket is freed. The issue is triggered in the sco_sock_timeout() function, and the call trace includes functions such as refcount_inc, check_memory_region, and sco_sock_timeout(). This vulnerability could potentially allow an attacker to execute arbitrary code or cause a denial-of-service condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.