AVG-2802 log

Package linux-lts
Status Fixed
Severity Critical
Type multiple issues
Affected 5.1-1
Fixed 5.15.73-3
Current 5.15.91-4 [testing]
5.15.91-1 [core]
Ticket None
Created Fri Oct 14 18:24:12 2022
Issue Severity Remote Type Description
CVE-2022-42722 Medium Yes Denial of service
In the Linux kernel 5.8 through 5.19.14, remote attackers are able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference...
CVE-2022-42721 Critical Yes Arbitrary code execution
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by remote attackers who are able to inject...
CVE-2022-42720 Critical Yes Arbitrary code execution
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by remote attackers who are...
CVE-2022-42719 Critical Yes Arbitrary code execution
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by remote attackers who are...
CVE-2022-41674 High Yes Information disclosure
A buffer overflow flaw was found in the u8 overflow in cfg80211_update_notlisted_nontrans() in net/wireless/scan.c in the Linux kernel’s wifi subcomponent....
Date Advisory Package Type
14 Oct 2022 ASA-202210-3 linux-lts multiple issues
References
https://www.openwall.com/lists/oss-security/2022/10/13/2
https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u