vulnerability
Oracle Linux: CVE-2022-41674: ELSA-2023-2458: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:A/AC:L/Au:S/C:C/I:N/A:C) | Oct 13, 2022 | Jul 22, 2024 | Dec 3, 2025 |
Severity
7
CVSS
(AV:A/AC:L/Au:S/C:C/I:N/A:C)
Published
Oct 13, 2022
Added
Jul 22, 2024
Modified
Dec 3, 2025
Description
An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
A buffer overflow flaw was found in the u8 overflow in cfg80211_update_notlisted_nontrans() in net/wireless/scan.c in the Linux kernel’s wifi subcomponent. This flaw allows an attacker to crash the system or leak internal kernel information.
A buffer overflow flaw was found in the u8 overflow in cfg80211_update_notlisted_nontrans() in net/wireless/scan.c in the Linux kernel’s wifi subcomponent. This flaw allows an attacker to crash the system or leak internal kernel information.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.