Vulnerability Details : CVE-2022-42719
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
Vulnerability category: Memory CorruptionExecute code
Products affected by CVE-2022-42719
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-42719
0.40%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-42719
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.8
|
HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2022-42719
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-42719
-
http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html
Kernel Live Patch Security Notice LNS-0091-1 ≈ Packet Storm
-
https://bugzilla.suse.com/show_bug.cgi?id=1204051
Bug 1204051 – VUL-0: CVE-2022-42719: kernel: remote crash/code execution with wlan frames when parsing a multi-BSSID elementIssue Tracking;Patch;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2022/10/13/5
oss-security - Re: Various Linux Kernel WLAN security issues (RCE/DOS) foundExploit;Mailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/
[SECURITY] Fedora 35 Update: kernel-5.19.15-101.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/
[SECURITY] Fedora 37 Update: kernel-5.19.15-301.fc37 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/
[SECURITY] Fedora 36 Update: kernel-5.19.15-201.fc36 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6
kernel/git/wireless/wireless.git - kvalo's fork of linux.gitMailing List;Patch;Vendor Advisory
-
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html
[SECURITY] [DLA 3173-1] linux-5.10 security updateMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2022/10/13/2
oss-security - Various Linux Kernel WLAN security issues (RCE/DOS) foundMailing List;Patch;Third Party Advisory
-
https://www.debian.org/security/2022/dsa-5257
Debian -- Security Information -- DSA-5257-1 linuxThird Party Advisory
-
https://security.netapp.com/advisory/ntap-20230203-0008/
October 2022 Linux Kernel 5.19.15 Vulnerabilities in NetApp Products | NetApp Product Security
Jump to