PT-2022-1379 · Linux+9 · Linux Kernel+9

Sönke Huster

Published

2022-10-10

Updated

2024-06-15

CVE-2022-41674

CVSS v3.1

8.1

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.16

Description An issue in the Linux kernel allows attackers who can inject WLAN frames to cause a buffer overflow in the ieee80211 bss info update function in net/mac80211/scan.c. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. The issue is also related to an integer overflow in the cfg80211 update notlisted nontrans function in net/wireless/scan.c, which could result in an out of bounds write.

Recommendations For Linux kernel versions prior to 5.19.16, update to version 5.19.16 or later to resolve the issue. As a temporary workaround, consider restricting access to WLAN frames to minimize the risk of exploitation. Additionally, disabling the ieee80211 bss info update function or restricting the use of the cfg80211 update notlisted nontrans function in net/wireless/scan.c could help mitigate the risk until a patch is applied.

Exploit

Fix

DoS

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-120

Related Identifiers

ALSA-2023:2148

ALSA-2023:2458

ALSA-2023:2736

ALSA-2023:2951

ALT-PU-2022-2848

ALT-PU-2022-2849

ALT-PU-2022-2860

ALT-PU-2022-2875

ALT-PU-2022-2877

ALT-PU-2022-2915

ALT-PU-2022-2919

ALT-PU-2022-2951

ALT-PU-2022-2965

ALT-PU-2022-2968

ALT-PU-2022-2970

ALT-PU-2022-2975

ALT-PU-2022-3061

ALT-PU-2023-1235

ALT-PU-2023-4894

ALT-PU-2023-7007

ALT-PU-2023-7682

ASB-A-253641805

AZL-11137

BDU:2022-06272

CESA-2023_2736

CESA-2023_2951

CVE-2022-41674

DLA-3173-1

DSA-5257-1

DSA-5257-2

LSN-0090-1

MGASA-2022-0379

MGASA-2022-0380

OESA-2022-2015

OPENSUSE-SU-2022_3775-1

OPENSUSE-SU-2022_3844-1

OPENSUSE-SU-2022_3897-1

OPENSUSE-SU-2022_3998-1

OPENSUSE-SU-2022_4617-1

OPENSUSE-SU-2024:12437-1

OPENSUSE-SU-2024:13704-1

RHSA-2023:2148

RHSA-2023:2458

RHSA-2023:2736

RHSA-2023:2951

RHSA-2023_2148

RHSA-2023_2458

RHSA-2023_2736

RHSA-2023_2951

RHSA-2024:1188

ROSA-SA-2023-2189

SUSE-SU-2022:3601-1

SUSE-SU-2022:3605-1

SUSE-SU-2022:3606-1

SUSE-SU-2022:3607-1

SUSE-SU-2022:3628-1

SUSE-SU-2022:3648-1

SUSE-SU-2022:3657-1

SUSE-SU-2022:3704-1

SUSE-SU-2022:3775-1

SUSE-SU-2022:3809-1

SUSE-SU-2022:3844-1

SUSE-SU-2022:3897-1

SUSE-SU-2022:3998-1

SUSE-SU-2022:4617-1

USN-5691-1

USN-5692-1

USN-5693-1

USN-5700-1

USN-5708-1

USN-5752-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Suse

Ubuntu

PT-2022-1379 · Linux+9 · Linux Kernel+9

CVE-2022-41674

Weakness Enumeration

Related Identifiers

Affected Products

References · 951