CVE-2022-45934 is a high-severity vulnerability identified in the Linux kernel versions up to 6.0.10, specifically within the Bluetooth protocol stack implementation. The flaw exists in the function l2cap_config_req located in net/bluetooth/l2cap_core.c, which handles L2CAP (Logical Link Control and Adaptation Protocol) configuration request packets. The vulnerability is an integer wraparound issue (classified under CWE-190), where improper handling of certain fields in L2CAP_CONF_REQ packets can cause an integer overflow or wraparound. This can lead to memory corruption, potentially allowing an attacker with limited privileges (local access) to escalate their privileges or cause denial of service by crashing the kernel. The vulnerability requires local access (AV:L), low attack complexity (AC:L), and low privileges (PR:L), but does not require user interaction (UI:N). The scope is unchanged (S:U), and the impact is critical across confidentiality, integrity, and availability (C:H/I:H/A:H). Although no known exploits are reported in the wild, the vulnerability poses a significant risk due to the widespread use of Linux kernels in various environments, including servers, desktops, and embedded devices. The Bluetooth stack is commonly enabled on many Linux-based systems, increasing the attack surface. The absence of vendor or product-specific details suggests this is a generic Linux kernel issue affecting all distributions using vulnerable kernel versions. No official patch links are provided in the data, but given the kernel version cutoff, it is expected that newer kernel versions have addressed this issue. The integer wraparound in L2CAP configuration requests could be triggered by sending specially crafted Bluetooth packets, potentially from nearby devices or compromised local systems, making it a concern for environments with Bluetooth enabled and accessible.

For European organizations, the impact of CVE-2022-45934 can be substantial, especially in sectors relying heavily on Linux-based infrastructure such as telecommunications, manufacturing, research institutions, and public sector entities. The vulnerability could allow local attackers or malicious insiders to escalate privileges or cause system crashes, leading to service disruptions or unauthorized access to sensitive data. Given the critical impact on confidentiality, integrity, and availability, exploitation could result in data breaches, operational downtime, and loss of trust. Organizations using Linux-based IoT devices or embedded systems with Bluetooth capabilities are particularly at risk, as these devices often have limited security controls and may be harder to patch promptly. The vulnerability could also affect Linux-based endpoints used by employees, potentially serving as a foothold for lateral movement within networks. Since the attack vector requires local access, the threat is more pronounced in environments where physical or network proximity to Bluetooth-enabled devices is possible, such as offices, manufacturing floors, or public spaces. The lack of known exploits in the wild reduces immediate risk but does not eliminate the potential for future exploitation, especially as proof-of-concept code could emerge. Therefore, European organizations must assess their exposure based on Bluetooth usage and Linux kernel versions in their environments.

1. Update Linux kernels to versions later than 6.0.10 where the vulnerability has been patched. Regularly monitor kernel security advisories from trusted sources such as the Linux Kernel Mailing List and distribution maintainers. 2. Disable Bluetooth functionality on Linux systems where it is not required, especially on servers and critical infrastructure, to reduce the attack surface. 3. Implement strict access controls to limit local user privileges, minimizing the risk of privilege escalation through this vulnerability. 4. Employ network segmentation and endpoint security controls to restrict access to Bluetooth-enabled devices and prevent unauthorized local access. 5. Monitor system logs and Bluetooth activity for unusual or malformed L2CAP packets that could indicate attempted exploitation. 6. For embedded and IoT devices running vulnerable kernels, coordinate with vendors for firmware updates or consider device replacement if patches are unavailable. 7. Educate staff about the risks of connecting unknown Bluetooth devices and enforce policies to prevent unauthorized Bluetooth pairing. 8. Use security tools capable of detecting kernel-level anomalies or crashes that may result from exploitation attempts.