CVE Vulnerabilities

CVE-2022-3806

Double Free

Published: Jan 25, 2023 | Modified: Nov 21, 2024
CVSS 3.x: 9.8 CRITICAL (Source: NVD)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Inconsistent handling of error cases in Bluetooth HCI may lead to a double-free condition of a network buffer.

Weakness

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

Affected Software

Name      Vendor           Start Version    End Version
Zephyr    Zephyrproject    *                3.2.0 (including)
