---

CVE-2022-42720 - log back

CVE-2022-42720 edited at 14 Oct 2022 22:41:33

References

https://www.openwall.com/lists/oss-security/2022/10/13/2 https://www.openwall.com/lists/oss-security/2022/10/13/5 https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u - https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f https://bugzilla.suse.com/show_bug.cgi?id=1204059

CVE-2022-42720 edited at 14 Oct 2022 22:35:30
Notes	+ introduced in v5.1-rc1 + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3584f56de1c808d4383a275b4a74467b19e5645

CVE-2022-42720 edited at 14 Oct 2022 18:41:59

Description

- Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by attackers who are able to inject WLAN frames to trigger use-after-free conditions to potentially execute code. + Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by remote attackers who are able to inject WLAN frames to trigger use-after-free conditions to potentially execute code.

CVE-2022-42720 edited at 14 Oct 2022 18:40:01

Description

- Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. + Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by attackers who are able to inject WLAN frames to trigger use-after-free conditions to potentially execute code.

CVE-2022-42720 edited at 14 Oct 2022 18:29:42
References	+ https://www.openwall.com/lists/oss-security/2022/10/13/2 + https://www.openwall.com/lists/oss-security/2022/10/13/5 + https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f https://bugzilla.suse.com/show_bug.cgi?id=1204059

CVE-2022-42720 edited at 14 Oct 2022 18:26:18
Severity	- Unknown + Critical
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
References	+ https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f + https://bugzilla.suse.com/show_bug.cgi?id=1204059
Notes

CVE-2022-42720 created at 14 Oct 2022 18:21:23