CVE-2022-42719

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers able to inject WLAN frames to crash the kernel and potentially execute code...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.19.11 and earlier, which originates from an attacker capable of injecting WLAN frames can cause a buffer overflow in t...

CVE-2022-41674

CVE-2022-41674 affects the Linux kernel (pre-5.19.16) and is triggered by injecting WLAN frames, causing a buffer overflow in ieee80211_bss_info_update() within net/mac80211/scan.c. Reported impact includes high confidentiality and high availability risk (I=None, A=High, C=High) with adjacent att...

CVE-2022-42722

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices...

CVE-2022-41674

An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211bssinfoupdate function in net/mac80211/scan.c...

CVE-2022-42720

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers able to inject WLAN frames to trigger use-after-free conditions to potentially execute code...

CVE-2022-41674

An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211bssinfoupdate function in net/mac80211/scan.c...

CVE-2022-42722

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices...

CVE-2022-42719

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers able to inject WLAN frames to crash the kernel and potentially execute code...

CVE-2022-42722

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices...

CVE-2022-42721

A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers able to inject WLAN frames to corrupt a linked list and, in turn, potentially execute code...

CVE-2022-42720

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers able to inject WLAN frames to trigger use-after-free conditions to potentially execute code...

Security Bulletin: Multiple vulnerabilities in HTTP/2 implementation used by Liberty for Java for IBM Cloud

Summary There are multiple vulnerabilities in the HTTP/2 implementation that is used by WebSphere Application Server Liberty. This affects the servlet-4.0 and servlet-3.1 features. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2019-9515 DESCRIPTION: Some HTTP/2...

PT-2022-17488 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to memory corruption in WLAN due to an integer overflow leading to a buffer overflow while parsing GTK frames. This affects various Qualcomm Snapdragon...

CVE-2022-20945

A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of certain...

PT-2022-6018 · Cisco · Cisco Catalyst 9100 Series Access Points

Name of the Vulnerable Software and Affected Versions: Cisco Catalyst 9100 Series Access Points affected versions not specified Description: A vulnerability in the 802.11 association frame validation could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on a...

openSUSE 15 Security Update : opera (openSUSE-SU-2022:10130-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10130-1 advisory. - Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a...

CVE-2022-3199

Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2022-3199

Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2022-3199

Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...