A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
04 Nov 2022, 19:18
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | |
References |
|
25 Oct 2022, 14:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5257 - Third Party Advisory |
19 Oct 2022, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Oct 2022, 14:06
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/ - Mailing List, Third Party Advisory | |
References | (MISC) https://bugzilla.suse.com/show_bug.cgi?id=1204051 - Issue Tracking, Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/ - Mailing List, Third Party Advisory | |
References | (MISC) http://www.openwall.com/lists/oss-security/2022/10/13/2 - Mailing List, Patch, Third Party Advisory | |
References | (MISC) http://www.openwall.com/lists/oss-security/2022/10/13/5 - Exploit, Mailing List, Third Party Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6 - Mailing List, Patch, Vendor Advisory | |
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
18 Oct 2022, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Oct 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Oct 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. |
14 Oct 2022, 15:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-13 23:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-42719
Mitre link : CVE-2022-42719
CVE.ORG link : CVE-2022-42719
JSON object : View
Products Affected
debian
- debian_linux
fedoraproject
- fedora
linux
- linux_kernel
CWE
CWE-416
Use After Free