CVE-2022-42720
kernel: use-after-free in bss_ref_get in net/wireless/scan.c
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
Varios errores de recuento en el manejo de multi-BSS en la pila mac80211 en el kernel de Linux versiones 5.1 hasta 5.19.14, podrían ser usados por atacantes locales (capaces de inyectar tramas WLAN) para desencadenar condiciones de uso de memoria previamente liberada para potencialmente ejecutar código
A use-after-free flaw was found in bss_ref_get in the net/wireless/scan.c in the Linux kernel. This issue can lead to a denial of service or arbitrary code execution.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-10-10 CVE Reserved
- 2022-10-13 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-416: Use After Free
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html | Third Party Advisory | |
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html | Mailing List | |
https://security.netapp.com/advisory/ntap-20230203-0008 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://www.openwall.com/lists/oss-security/2022/10/13/5 | 2024-08-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 5.4.218 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.4.218" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.10.148 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.148" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.15.74 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.15.74" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.16 < 5.19.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 5.19.16" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.0 < 6.0.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.0 < 6.0.2" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 36 Search vendor "Fedoraproject" for product "Fedora" and version "36" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
|