ALPINE-CVE-2022-42720

ALPINE-CVE-2022-42720 PUBLISHED CVSS 7.800000190734863 HIGH

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Alpine:v3.17	linux-lts	5.10.1-r0, 5.10.1-r1, 5.10.10-r1
Alpine:v3.18	linux-lts	5.15.27-r0, 5.4.82-r0, 5.4.81-r0
Alpine:v3.23	linux-lts	5.10.0-r0, 5.10.60-r0, 5.10.6-r0
Alpine:v3.15	linux-lts	5.10.0-r0, 5.10.1-r0, 5.10.1-r1
Alpine:v3.21	linux-lts	5.4.8-r0, 0, 5.10.0-r0
Alpine:v3.20	linux-lts	5.10.0-r0, 5.4.24-r1, 5.4.23-r1
Alpine:v3.16	linux-lts	5.4.14-r0, 5.10.0-r0, 5.10.1-r0
Alpine:v3.19	linux-lts	5.4.82-r0, 5.10.0-r0, 5.10.34-r0
Alpine:v3.22	linux-lts	5.4.82-r0, 5.4.81-r0, 5.4.80-r0

Timeline

Oct 14, 2022 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2022-42720 advisory

Open in Interactive Console →