CVE-2022-42720

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-42720

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-42720.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-42720

Aliases

A-253642015
ASB-A-253642015

Downstream

ALPINE-CVE-2022-42720

DEBIAN-CVE-2022-42720

DLA-3173-1

DSA-5257-1

OESA-2022-2015

RHSA-2023:2148

RHSA-2023:2458

RHSA-2023:2736

RHSA-2023:2951

RHSA-2024:1188

SUSE-SU-2022:3601-1

SUSE-SU-2022:3605-1

SUSE-SU-2022:3606-1

SUSE-SU-2022:3607-1

SUSE-SU-2022:3628-1

SUSE-SU-2022:3648-1

SUSE-SU-2022:3657-1

SUSE-SU-2022:3704-1

SUSE-SU-2022:3775-1

SUSE-SU-2022:3809-1

SUSE-SU-2022:3844-1

SUSE-SU-2022:3897-1

SUSE-SU-2022:3998-1

SUSE-SU-2022:4617-1

UBUNTU-CVE-2022-42720

LSN-0090-1

USN-5691-1

USN-5692-1

USN-5693-1

USN-5708-1

USN-5752-1

openSUSE-SU-2024:12437-1

openSUSE-SU-2024:13704-1

Related

Published

2022-10-14T00:15:09Z

Modified

2025-08-09T20:01:25Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.

References

Affected packages