CVE-2022-42719 : LINUX KERNEL UP TO 5.19.14 MAC80211 STACK USE AFTER FREE

Description

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.

References

http://www.openwall.com/lists/oss-security/2022/10/13/2

http://www.openwall.com/lists/oss-security/2022/10/13/5

https://bugzilla.suse.com/show_bug.cgi?id=1204051

https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-45884 : LINUX KERNEL UP TO 6.0.9 DVBDEV.C DVB_REGISTER_DEVICE USE AFTER FREE

CVE-2022-45884 : LINUX KERNEL UP TO 6.0.9 DVBDEV.C DVB_REGISTER_DEVICE USE AFTER FREE

Description An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating

CVE-2022-41875 : OPTICA UP TO 0.10.1 JSON OJ.SAFE_LOAD DESERIALIZATION

CVE-2022-41875 : OPTICA UP TO 0.10.1 JSON OJ.SAFE_LOAD DESERIALIZATION

Description A remote code execution (RCE) vulnerability in Optica allows unauthenticated attackers to execute arbitrary code via specially crafted JSON

CVE-2022-3910 : LINUX KERNEL LOCAL PRIVILEGE IO_URING USE AFTER FREE

CVE-2022-3910 : LINUX KERNEL LOCAL PRIVILEGE IO_URING USE AFTER FREE

Description Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads