VDB
CISA-2022-42721
CISA-2022-42721
PUBLISHED
CVSS 5.5 MEDIUM
Reported by mitre · Published October 13, 2022
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Oct 13, 2022 CVE Published
- May 15, 2025 CVE Updated
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Security Advisory
References
- FEDORA-2022-2cfbe17910 vendor-advisory
- FEDORA-2022-b948fc3cfb vendor-advisory
- FEDORA-2022-1a5b125ac6 vendor-advisory
- DSA-5257 vendor-advisory
- [debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update mailing-list