A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:53
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Feb 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Jan 2023, 18:10
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html - Third Party Advisory, VDB Entry |
21 Nov 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Nov 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html - Mailing List, Third Party Advisory |
01 Nov 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Oct 2022, 14:25
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/ - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5257 - Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
First Time |
Debian debian Linux
Debian |
19 Oct 2022, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Oct 2022, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Oct 2022, 17:32
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject
Linux Fedoraproject fedora Linux linux Kernel |
|
CWE | CWE-835 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f - Mailing List, Patch, Vendor Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/ - Mailing List, Third Party Advisory | |
References | (MISC) https://bugzilla.suse.com/show_bug.cgi?id=1204060 - Issue Tracking, Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/ - Mailing List, Third Party Advisory | |
References | (MISC) http://www.openwall.com/lists/oss-security/2022/10/13/5 - Exploit, Mailing List, Third Party Advisory |
15 Oct 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Oct 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. |
14 Oct 2022, 15:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Oct 2022, 00:31
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-14 00:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-42721
Mitre link : CVE-2022-42721
CVE.ORG link : CVE-2022-42721
JSON object : View
Products Affected
linux
- linux_kernel
debian
- debian_linux
fedoraproject
- fedora
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')