There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim.
We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url
Published: 2022-11-23
CVSS: 8.8
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Download Exploit for CVE-2022-42896 here:
Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.
https://augustaverburg.nl/exploit-394-cve-2023-3079/
https://augustaverburg.nl/exploit-433-cve-2021-43267/
https://augustaverburg.nl/exploit-495-cve-2018-20685/
https://augustaverburg.nl/exploit-788-cve-2025-32911/
https://augustaverburg.nl/exploit-511-cve-2022-23646/