Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 2134517 (CVE-2022-42722)

Summary: CVE-2022-42722 kernel: Denial of service in beacon protection for P2P-device
Product: [Other] Security Response Reporter: Rohit Keshri <rkeshri>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: acaringi, adscvr, airlied, alciregi, bhu, brdeoliv, bskeggs, chwhite, crwood, ddepaula, debarbos, dvlasenk, ezulian, hdegoede, hkrzesin, hpa, jarod, jarodwilson, jburrell, jfaracco, jferlan, jforbes, jglisse, jkalliya, jlelli, joe.lawrence, jonathan, josef, jshortt, jstancek, jwboyer, jwyatt, kcarcia, kernel-maint, kernel-mgr, kyoshida, lgoncalv, linville, lleshchi, lzampier, masami256, mchehab, mcleanross9378242, nmurray, ptalbert, qzhao, rvrbovsk, scweaver, steved, tyberry, vkumar, walters, williams
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in P2P-Device in wifi in ieee80211_rx_h_decrypt in net/mac80211/rx.c in the Linux kernel, leading to a denial of service.
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-16 20:31:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2134579, 2134580, 2134581, 2134582, 2134583    
Bug Blocks:    

Description Rohit Keshri 2022-10-13 14:14:19 UTC
If beacon protection is active but the beacon cannot be decrypted or is otherwise malformed, we call the cfg80211 API to report this to userspace, but that uses a netdev pointer, which isn't present for P2P-Device.

Comment 2 Rohit Keshri 2022-10-13 16:54:47 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2134579]

Comment 7 mcleanross9378242@gmail.com 2022-11-02 22:47:48 UTC
Disavow links are available https://cookieclickercity.com

Comment 13 errata-xmlrpc 2023-05-09 07:12:02 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:2148 https://access.redhat.com/errata/RHSA-2023:2148

Comment 14 errata-xmlrpc 2023-05-09 07:51:42 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:2458 https://access.redhat.com/errata/RHSA-2023:2458

Comment 15 errata-xmlrpc 2023-05-16 08:05:25 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:2736 https://access.redhat.com/errata/RHSA-2023:2736

Comment 16 errata-xmlrpc 2023-05-16 08:34:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:2951 https://access.redhat.com/errata/RHSA-2023:2951

Comment 17 Product Security DevOps Team 2023-05-16 20:31:38 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-42722

Comment 20 errata-xmlrpc 2024-03-06 12:36:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:1188 https://access.redhat.com/errata/RHSA-2024:1188