Linux Kernel up to 5.10.119/5.15.44/5.17.12/5.18.1 del_timer_sync denial of service

Summaryinfo

A vulnerability labeled as critical has been found in Linux Kernel up to 5.10.119/5.15.44/5.17.12/5.18.1. The affected element is the function del_timer_sync. Executing a manipulation can lead to denial of service. This vulnerability is registered as CVE-2022-49555. No exploit is available. The affected component should be upgraded.

Detailsinfo

A vulnerability was found in Linux Kernel up to 5.10.119/5.15.44/5.17.12/5.18.1. It has been declared as critical. This vulnerability affects the function del_timer_sync. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability. CVE summarizes:

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Use del_timer_sync() before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling del_timer() instead of del_timer_sync() just before freeing. One possible culprit is the hci_qca driver, which does exactly that. Eric mentioned that wake_retrans_timer could be rearmed via the work queue, so also move the destruction of the work queue before del_timer_sync().

The advisory is shared for download at git.kernel.org. This vulnerability was named CVE-2022-49555 since 02/26/2025. There are known technical details, but no exploit is available.

Upgrading to version 5.10.120, 5.15.45, 5.17.13 or 5.18.2 eliminates this vulnerability. Applying the patch 4989bb03342941f2b730b37dfa38bce27b543661/db03727b4bbbbb36e6ef4cb655c670eefb6448e9/37d17f63d085d601011964ade7371aeebeb6ed4b/2717654ae022e6ea959a4b7b762702fe1a4690c2/72ef98445aca568a81c2da050532500a8345ad3a is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

Version

• 5.10.119
• 5.15.0
• 5.15.1
• 5.15.2
• 5.15.3
• 5.15.4
• 5.15.5
• 5.15.6
• 5.15.7
• 5.15.8
• 5.15.9
• 5.15.10
• 5.15.11
• 5.15.12
• 5.15.13
• 5.15.14
• 5.15.15
• 5.15.16
• 5.15.17
• 5.15.18
• 5.15.19
• 5.15.20
• 5.15.21
• 5.15.22
• 5.15.23
• 5.15.24
• 5.15.25
• 5.15.26
• 5.15.27
• 5.15.28
• 5.15.29
• 5.15.30
• 5.15.31
• 5.15.32
• 5.15.33
• 5.15.34
• 5.15.35
• 5.15.36
• 5.15.37
• 5.15.38
• 5.15.39
• 5.15.40
• 5.15.41
• 5.15.42
• 5.15.43
• 5.15.44
• 5.17.0
• 5.17.1
• 5.17.2
• 5.17.3
• 5.17.4
• 5.17.5
• 5.17.6
• 5.17.7
• 5.17.8
• 5.17.9
• 5.17.10
• 5.17.11
• 5.17.12
• 5.18.0
• 5.18.1

License

• open-source

Website

• Vendor: https://www.kernel.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion