[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2022-42719Date: (C)2022-10-15   (M)2024-05-16


A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 8.8CVSS Score :
Exploit Score: 2.8Exploit Score:
Impact Score: 5.9Impact Score:
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORKAccess Vector:
Attack Complexity: LOWAccess Complexity:
Privileges Required: NONEAuthentication:
User Interaction: NONEConfidentiality:
Scope: UNCHANGEDIntegrity:
Confidentiality: HIGHAvailability:
Integrity: HIGH 
Availability: HIGH 
  
Reference:
DSA-5257
FEDORA-2022-1a5b125ac6
FEDORA-2022-2cfbe17910
FEDORA-2022-b948fc3cfb
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html
http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html
http://www.openwall.com/lists/oss-security/2022/10/13/2
http://www.openwall.com/lists/oss-security/2022/10/13/5
https://bugzilla.suse.com/show_bug.cgi?id=1204051
https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6
https://security.netapp.com/advisory/ntap-20230203-0008/

CPE    1
cpe:/o:linux:linux_kernel
CWE    1
CWE-416
OVAL    31
oval:org.secpod.oval:def:707776
oval:org.secpod.oval:def:707833
oval:org.secpod.oval:def:94905
oval:org.secpod.oval:def:707774
...

© SecPod Technologies