CVE-2022-50447

Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 01/10/2025
Last modified: 16/01/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_conn: Fix crash on hci_create_cis_sync

Attempting to connect multiple ISO sockets without using
DEFER_SETUP may result in the following crash:

BUG: KASAN: null-ptr-deref in hci_create_cis_sync+0x18b/0x2b0
Read of size 2 at addr 0000000000000036 by task kworker/u3:1/50

CPU: 0 PID: 50 Comm: kworker/u3:1 Not tainted
6.0.0-rc7-02243-gb84a13ff4eda #4373
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009),
BIOS 1.16.0-1.fc36 04/01/2014
Workqueue: hci0 hci_cmd_sync_work
Call Trace:

 dump_stack_lvl+0x19/0x27
 kasan_report+0xbc/0xf0
 ? hci_create_cis_sync+0x18b/0x2b0
 hci_create_cis_sync+0x18b/0x2b0
 ? get_link_mode+0xd0/0xd0
 ? __ww_mutex_lock_slowpath+0x10/0x10
 ? mutex_lock+0xe0/0xe0
 ? get_link_mode+0xd0/0xd0
 hci_cmd_sync_work+0x111/0x190
 process_one_work+0x427/0x650
 worker_thread+0x87/0x750
 ? process_one_work+0x650/0x650
 kthread+0x14e/0x180
 ? kthread_exit+0x50/0x50
 ret_from_fork+0x22/0x30

Vulnerable products and versions

CPE                                             From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.0 (including)    6.0.16 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.1 (including)    6.1.2 (excluding)