CVE-2022-3619 A vulnerability has been found in Linux Kernel and classified as problematic. The manipulation leads to memory leak.

When a certain Bluetooth device is connected to a system, it may be possible for an attacker to obtain its password by sending an LDAP query request. This is possible as the Bluetooth profile supports LDAP authentication. Linux users are advised to update their system as soon as possible to avoid any possible remote attack. In case you want to check if your system is vulnerable or not, then you can follow the given steps. First of all, connect your system to the internet. Now open a terminal and run the following command. hciconfig hci0 If you see “Connected: yes”, then you are vulnerable. If not, then update your system right away.

Check if Bluetooth is enabled on your system

To check if Bluetooth is enabled on your system, you have to open a terminal and run the following command. hciconfig hci0
If you get “Connected: yes” as a result, then your system is vulnerable. If not, then update your system right away.

Install Bluetooth Dependencies

You need to install the Bluetooth dependencies on your system. The following commands will do that:
apt-get update
apt-get install bluetooth bluez blueman

Check if your system is vulnerable to CVE-2015-3619

Timeline

Published on: 10/20/2022 20:15:00 UTC
Last modified on: 10/24/2022 13:45:00 UTC

References