CVE-2022-49202

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49202
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49202.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49202
Downstream
Related
Published
2025-02-26T01:55:43Z
Modified
2025-10-21T09:34:16.895117Z
Summary
Bluetooth: hci_uart: add missing NULL check in h5_enqueue
Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hciuart: add missing NULL check in h5enqueue

Syzbot hit general protection fault in _pmruntime_resume(). The problem was in missing NULL check.

hu->serdev can be NULL and we should not blindly pass &serdev->dev somewhere, since it will cause GPF.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d9dd833cf6d29695682ec7e7924c0d0992b906bc
Fixed
7235485433d290367d60ae22fcdfc565e61d42ab
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d9dd833cf6d29695682ec7e7924c0d0992b906bc
Fixed
e6b6c904c0f88588b6a3ace20e4c0d61eab124f8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d9dd833cf6d29695682ec7e7924c0d0992b906bc
Fixed
8a3896c30f542439d36303183dc96f65df8cc528
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d9dd833cf6d29695682ec7e7924c0d0992b906bc
Fixed
32cb08e958696908a9aad5e49a78d74f7e32fffb

Affected versions

v5.*

v5.14
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@32cb08e958696908a9aad5e49a78d74f7e32fffb",
        "id": "CVE-2022-49202-036f7c82",
        "deprecated": false,
        "target": {
            "function": "h5_enqueue",
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "length": 831.0,
            "function_hash": "245519766156120556258026379925161059535"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8a3896c30f542439d36303183dc96f65df8cc528",
        "id": "CVE-2022-49202-2f46f0d5",
        "deprecated": false,
        "target": {
            "function": "h5_enqueue",
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "length": 831.0,
            "function_hash": "245519766156120556258026379925161059535"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e6b6c904c0f88588b6a3ace20e4c0d61eab124f8",
        "id": "CVE-2022-49202-35d96a2c",
        "deprecated": false,
        "target": {
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "41968186943893998833009944898868484852",
                "120781682324571226270814006670025957707",
                "175868712813941493473902529732000428230",
                "212217424696987248624167302355865531530",
                "257903536805406402817978179865482895764",
                "11790921892260591506519398707237760879"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7235485433d290367d60ae22fcdfc565e61d42ab",
        "id": "CVE-2022-49202-46248358",
        "deprecated": false,
        "target": {
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "41968186943893998833009944898868484852",
                "120781682324571226270814006670025957707",
                "175868712813941493473902529732000428230",
                "212217424696987248624167302355865531530",
                "257903536805406402817978179865482895764",
                "11790921892260591506519398707237760879"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@32cb08e958696908a9aad5e49a78d74f7e32fffb",
        "id": "CVE-2022-49202-50d63ade",
        "deprecated": false,
        "target": {
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "41968186943893998833009944898868484852",
                "120781682324571226270814006670025957707",
                "175868712813941493473902529732000428230",
                "212217424696987248624167302355865531530",
                "257903536805406402817978179865482895764",
                "11790921892260591506519398707237760879"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8a3896c30f542439d36303183dc96f65df8cc528",
        "id": "CVE-2022-49202-661d41c4",
        "deprecated": false,
        "target": {
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "41968186943893998833009944898868484852",
                "120781682324571226270814006670025957707",
                "175868712813941493473902529732000428230",
                "212217424696987248624167302355865531530",
                "257903536805406402817978179865482895764",
                "11790921892260591506519398707237760879"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7235485433d290367d60ae22fcdfc565e61d42ab",
        "id": "CVE-2022-49202-c90bfdb1",
        "deprecated": false,
        "target": {
            "function": "h5_enqueue",
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "length": 831.0,
            "function_hash": "245519766156120556258026379925161059535"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e6b6c904c0f88588b6a3ace20e4c0d61eab124f8",
        "id": "CVE-2022-49202-f669a411",
        "deprecated": false,
        "target": {
            "function": "h5_enqueue",
            "file": "drivers/bluetooth/hci_h5.c"
        },
        "signature_version": "v1",
        "digest": {
            "length": 831.0,
            "function_hash": "245519766156120556258026379925161059535"
        },
        "signature_type": "Function"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.33
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.19
Type
ECOSYSTEM
Events
Introduced
5.17.0
Fixed
5.17.2