Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-42722

Опубликовано: 13 окт. 2022
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.

A flaw was found in P2P-Device in wifi in ieee80211_rx_h_decrypt in net/mac80211/rx.c in the Linux kernel, leading to a denial of service.

Меры по смягчению последствий

To mitigate this issue, prevent module mac80211 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2023:273616.05.2023
Red Hat Enterprise Linux 8kernelFixedRHSA-2023:295116.05.2023
Red Hat Enterprise Linux 8.6 Extended Update SupportkernelFixedRHSA-2024:118806.03.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023
Red Hat Enterprise Linux 9kernel-rtFixedRHSA-2023:214809.05.2023
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8kernelFixedRHSA-2024:118806.03.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-705
https://bugzilla.redhat.com/show_bug.cgi?id=2134517kernel: Denial of service in beacon protection for P2P-device

EPSS

Процентиль: 20%
0.00061
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-42722

CVSS3: 5.5
ubuntu
больше 2 лет назад

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.

nvd логотип

CVE-2022-42722

CVSS3: 5.5
nvd
больше 2 лет назад

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.

msrc логотип

CVE-2022-42722

CVSS3: 5.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2022-42722

CVSS3: 5.5
debian
больше 2 лет назад

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers ...

suse-cvrf логотип

SUSE-SU-2022:4037-1

suse-cvrf
больше 2 лет назад

Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP3)

EPSS

Процентиль: 20%
0.00061
Низкий

5.5 Medium

CVSS3