CVE-2022-42719

CVSS v3.1 8.8 (High)

EPSS 0.99 % (84^th)

Affected Products 3

Advisories 33

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2022-10-13 23:15:11
(23 months ago)
Updated Date: 2023-11-07 03:53:24
(10 months ago)

Affected Products

Configuration #1

	CPE23	From	Up To
Linux Kernel from 5.2 version and prior 5.4.219 version	cpe:2.3:o:linux:linux_kernel	>= 5.2	< 5.4.219
Linux Kernel from 5.5 version and prior 5.10.149 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.149
Linux Kernel from 5.11 version and prior 5.15.74 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.74
Linux Kernel from 5.16 version and prior 5.19.16 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 5.19.16
Linux Kernel from 6.0 version and prior 6.0.2 version	cpe:2.3:o:linux:linux_kernel	>= 6.0	< 6.0.2

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 35	cpe:2.3:o:fedoraproject:fedora:35
	Fedoraproject Fedora 36	cpe:2.3:o:fedoraproject:fedora:36
	Fedoraproject Fedora 37	cpe:2.3:o:fedoraproject:fedora:37

Configuration #3

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0

Weaknesses

Affected Products

Debian

Fedoraproject

Linux

Configuration #1

Configuration #2

Configuration #3