CVE-2022-41674

An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html	Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2022/10/13/2	Mailing List Patch Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1203770	Issue Tracking Patch Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/net/mac80211/scan.c	Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d	Mailing List Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/
https://www.debian.org/security/2022/dsa-5257	Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/10/13/5	Exploit Mailing List Third Party Advisory
http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html	Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2022/10/13/2	Mailing List Patch Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1203770	Issue Tracking Patch Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/net/mac80211/scan.c	Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d	Mailing List Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/
https://www.debian.org/security/2022/dsa-5257	Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/10/13/5	Exploit Mailing List Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*

History

21 Nov 2024, 07:23

Type	Values Removed	Values Added
References	~~() http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html - Third Party Advisory, VDB Entry~~	() http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html - Third Party Advisory, VDB Entry
References	~~() http://www.openwall.com/lists/oss-security/2022/10/13/2 - Mailing List, Patch, Third Party Advisory~~	() http://www.openwall.com/lists/oss-security/2022/10/13/2 - Mailing List, Patch, Third Party Advisory
References	~~() https://bugzilla.suse.com/show_bug.cgi?id=1203770 - Issue Tracking, Patch, Third Party Advisory~~	() https://bugzilla.suse.com/show_bug.cgi?id=1203770 - Issue Tracking, Patch, Third Party Advisory
References	~~() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/net/mac80211/scan.c - Vendor Advisory~~	() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/net/mac80211/scan.c - Vendor Advisory
References	~~() https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d - Mailing List, Patch, Vendor Advisory~~	() https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d - Mailing List, Patch, Vendor Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html - Mailing List, Third Party Advisory~~	() https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html - Mailing List, Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/ -
References	~~() https://www.debian.org/security/2022/dsa-5257 - Third Party Advisory~~	() https://www.debian.org/security/2022/dsa-5257 - Third Party Advisory
References	~~() https://www.openwall.com/lists/oss-security/2022/10/13/5 - Exploit, Mailing List, Third Party Advisory~~	() https://www.openwall.com/lists/oss-security/2022/10/13/5 - Exploit, Mailing List, Third Party Advisory

07 Nov 2023, 03:52

Type	Values Removed	Values Added
References	{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/', 'name': 'FEDORA-2022-2cfbe17910', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/', 'name': 'FEDORA-2022-b948fc3cfb', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/', 'name': 'FEDORA-2022-1a5b125ac6', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/ -

Information

Published : 2022-10-14 00:15

Updated : 2024-11-21 07:23

NVD link : CVE-2022-41674

Mitre link : CVE-2022-41674

CVE.ORG link : CVE-2022-41674

JSON object : View

Products Affected

fedoraproject

fedora

linux

linux_kernel

debian

debian_linux

CWE

CWE-787

Out-of-bounds Write

8.1 /10