CVE-2022-50374

Severity: MEDIUM (CVSS 3.1 base score 5.5) · EPSS 8.9%
Published Sep 17, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure

syzbot is reporting NULL pointer dereference at hci_uart_tty_close() [1], for rcu_sync_enter() is called without rcu_sync_init() due to hci_uart_tty_open() ignoring percpu_init_rwsem() failure.

While we are at it, fix that hci_uart_register_device() ignores percpu_init_rwsem() failure and hci_uart_unregister_device() does not call percpu_free_rwsem().

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 8.9% percentile
Exploit & Patch Status: No Known Exploit; Patch Available

Weaknesses 1

CWE-908

Affected Products 5

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.14.63 – <4.15
linux   linux_kernel  *        ≥4.14.63 – <5.10.150
linux   linux_kernel  *        ≥5.11 – <5.15.75
linux   linux_kernel  *        ≥5.16 – <5.19.17
linux   linux_kernel  *        ≥6.0 – <6.0.3

References 5

  • https://git.kernel.org/stable/c/3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1 (Patch)
  • https://git.kernel.org/stable/c/75b2c71ea581c7bb1303860d89366a42ad0506d2 (Patch)
  • https://git.kernel.org/stable/c/98ce10f3f345e61fc6c83bff9cd11cda252b05ac (Patch)
  • https://git.kernel.org/stable/c/b8917dce2134739b39bc0a5648b18427f2cad569 (Patch)
  • https://git.kernel.org/stable/c/d7cc0d51ffcbfd1caaa809fcf9cff05c46d0fb4d (Patch)

Remediation

  • https://git.kernel.org/stable/c/3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1 (Patch)
  • https://git.kernel.org/stable/c/75b2c71ea581c7bb1303860d89366a42ad0506d2 (Patch)
  • https://git.kernel.org/stable/c/98ce10f3f345e61fc6c83bff9cd11cda252b05ac (Patch)
  • https://git.kernel.org/stable/c/b8917dce2134739b39bc0a5648b18427f2cad569 (Patch)
  • https://git.kernel.org/stable/c/d7cc0d51ffcbfd1caaa809fcf9cff05c46d0fb4d (Patch)