CVE-2022-42720 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Critical
Remote	Yes
Type	Arbitrary code execution
Description	Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by remote attackers who are able to inject WLAN frames to trigger use-after-free conditions to potentially execute code.

Group	Package	Affected	Fixed	Severity	Status
AVG-2803	linux-zen	5.1-1	6.0.1.zen2-1	Critical	Fixed
AVG-2802	linux-lts	5.1-1	5.15.73-3	Critical	Fixed
AVG-2801	linux	5.1-1	6.0.1.arch2-1	Critical	Fixed
AVG-2800	linux-hardened	5.1-1	5.19.15.hardened2-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
14 Oct 2022	ASA-202210-4	AVG-2803	linux-zen	Critical	multiple issues
14 Oct 2022	ASA-202210-3	AVG-2802	linux-lts	Critical	multiple issues
14 Oct 2022	ASA-202210-2	AVG-2801	linux	Critical	multiple issues
14 Oct 2022	ASA-202210-1	AVG-2800	linux-hardened	Critical	multiple issues

References
https://www.openwall.com/lists/oss-security/2022/10/13/2 https://www.openwall.com/lists/oss-security/2022/10/13/5 https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f https://bugzilla.suse.com/show_bug.cgi?id=1204059

References

https://www.openwall.com/lists/oss-security/2022/10/13/2
https://www.openwall.com/lists/oss-security/2022/10/13/5
https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f
https://bugzilla.suse.com/show_bug.cgi?id=1204059

Notes
introduced in v5.1-rc1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3584f56de1c808d4383a275b4a74467b19e5645