CVE-2022-42719 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Critical
Remote	Yes
Type	Arbitrary code execution
Description	A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by remote attackers who are able to inject WLAN frames to crash the kernel and potentially execute code.

Group	Package	Affected	Fixed	Severity	Status
AVG-2803	linux-zen	5.1-1	6.0.1.zen2-1	Critical	Fixed
AVG-2802	linux-lts	5.1-1	5.15.73-3	Critical	Fixed
AVG-2801	linux	5.1-1	6.0.1.arch2-1	Critical	Fixed
AVG-2800	linux-hardened	5.1-1	5.19.15.hardened2-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
14 Oct 2022	ASA-202210-4	AVG-2803	linux-zen	Critical	multiple issues
14 Oct 2022	ASA-202210-3	AVG-2802	linux-lts	Critical	multiple issues
14 Oct 2022	ASA-202210-2	AVG-2801	linux	Critical	multiple issues
14 Oct 2022	ASA-202210-1	AVG-2800	linux-hardened	Critical	multiple issues

References
https://www.openwall.com/lists/oss-security/2022/10/13/2 https://www.openwall.com/lists/oss-security/2022/10/13/5 https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6 https://bugzilla.suse.com/show_bug.cgi?id=1204051

References

https://www.openwall.com/lists/oss-security/2022/10/13/2
https://www.openwall.com/lists/oss-security/2022/10/13/5
https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6
https://bugzilla.suse.com/show_bug.cgi?id=1204051

Notes
introduced in v5.2-rc1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5023b14cf4df4d22e1a80738167f3438c9e62e5f