CVE-2022-42721 - log back

CVE-2022-42721 edited at 14 Oct 2022 22:41:42
References
https://www.openwall.com/lists/oss-security/2022/10/13/2
https://www.openwall.com/lists/oss-security/2022/10/13/5
https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
- https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f
https://bugzilla.suse.com/show_bug.cgi?id=1204060
CVE-2022-42721 edited at 14 Oct 2022 22:36:18
Notes
+ introduced in v5.1-rc1
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b8fb8235be8be99a197e8d948fc0a2df8dc261a
CVE-2022-42721 edited at 14 Oct 2022 18:42:17
Description
- A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
+ A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by remote attackers who are able to inject WLAN frames to corrupt a linked list and, in turn, potentially execute code.
CVE-2022-42721 edited at 14 Oct 2022 18:29:38
References
+ https://www.openwall.com/lists/oss-security/2022/10/13/2
+ https://www.openwall.com/lists/oss-security/2022/10/13/5
+ https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f
https://bugzilla.suse.com/show_bug.cgi?id=1204060
CVE-2022-42721 edited at 14 Oct 2022 18:25:28
Severity
- Unknown
+ Critical
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f
+ https://bugzilla.suse.com/show_bug.cgi?id=1204060
Notes
CVE-2022-42721 created at 14 Oct 2022 18:21:23