CVE-2022-42722 in Linux
Summary
by MITRE • 10/14/2022
In the Linux kernel 5.8 through 5.19.14, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
Analysis
by VulDB Data Team • 05/18/2025
The vulnerability identified as CVE-2022-42722 represents a critical denial-of-service weakness within the Linux kernel's wireless subsystem, specifically affecting versions between 5.8 and 5.19.14. This flaw resides in the mac80211 wireless networking stack, which serves as the foundation for wireless device management in Linux environments. The vulnerability manifests when local attackers with the ability to inject WLAN frames manipulate the beacon protection mechanisms of P2P devices, leading to system instability and potential service disruption.
The technical root cause of this vulnerability stems from inadequate input validation within the mac80211 subsystem's handling of beacon frames from P2P devices. When maliciously crafted WLAN frames are injected into the wireless stack, the system fails to properly validate pointer references during beacon protection processing. This results in a NULL pointer dereference condition that causes the kernel to crash or become unresponsive, effectively rendering the wireless functionality of affected systems unavailable. The vulnerability operates at the kernel level, where bounds checking and pointer validation mechanisms are insufficient to prevent exploitation.
The operational impact of CVE-2022-42722 extends beyond simple service disruption to potentially compromise entire wireless networking capabilities within affected systems. P2P devices that rely on beacon protection mechanisms for network coordination become particularly vulnerable, as attackers can exploit this weakness to target specific wireless access points or client devices. The local nature of the attack means that exploitation requires physical proximity or network access to inject WLAN frames, but once successful, the denial-of-service condition can affect critical network operations. This vulnerability particularly impacts enterprise wireless infrastructure where P2P device functionality is commonly utilized for device discovery and network coordination.
Mitigation strategies for this vulnerability should prioritize immediate kernel updates to versions beyond 5.19.14, where the issue has been addressed through proper pointer validation and input sanitization. System administrators should implement network segmentation to limit local access to wireless interfaces and consider disabling unnecessary P2P functionality where possible. The vulnerability aligns with CWE-476, which specifically addresses NULL pointer dereference conditions in software systems. From an attack framework perspective, this vulnerability maps to the privilege escalation and denial-of-service categories within the MITRE ATT&CK framework, specifically targeting the wireless networking components of operating systems to disrupt availability services. Organizations should also implement monitoring solutions to detect unusual wireless frame injection patterns that could indicate exploitation attempts against this vulnerability.
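To prioritize the kernel updates described above, the following added example (not part of the advisory or of any vendor tooling) checks a kernel release string against the 5.8 through 5.19.14 range stated on this page and whether the mac80211 stack is present. The function names are this example's own, and it assumes the standard sysfs path /sys/module/mac80211.

```shell
#!/bin/sh
# Added example, not from the advisory. Range taken from the page:
# Linux kernel 5.8 through 5.19.14. Function names are this example's own.
# A match is a triage signal only: vendor kernels can carry the fix under
# an in-range version string, so confirm against the vendor advisory.

# in_affected_range RELEASE
# Returns 0 if RELEASE (e.g. "5.15.0-91-generic") falls in 5.8..5.19.14,
# 1 if it falls outside, 2 if no version number could be parsed.
in_affected_range() {
    ver=${1%%[!0-9.]*}          # keep the leading "X.Y.Z", drop "-91-generic"
    old_ifs=$IFS; IFS=.
    set -- $ver                 # split on dots into $1 $2 $3
    IFS=$old_ifs
    maj=${1:-} min=${2:-0} pat=${3:-0}   # missing minor/patch counts as 0
    [ -n "$maj" ] || return 2
    [ "$maj" -eq 5 ] || return 1
    if [ "$min" -ge 8 ] && [ "$min" -lt 19 ]; then return 0; fi
    if [ "$min" -eq 19 ] && [ "$pat" -le 14 ]; then return 0; fi
    return 1
}

# mac80211_present [SYSFS_DIR]
# Returns 0 if the mac80211 stack is loaded or built in (sysfs entry exists).
mac80211_present() { [ -d "${1:-/sys/module/mac80211}" ]; }

# triage RELEASE [SYSFS_DIR]
# Prints one finding line; always returns 0 so it is safe under "set -e".
triage() {
    rc=0; in_affected_range "$1" || rc=$?
    case $rc in
        0) if mac80211_present "${2:-/sys/module/mac80211}"; then
               echo "REVIEW: $1 in 5.8..5.19.14 and mac80211 present"
           else
               echo "LOW: $1 in 5.8..5.19.14 but mac80211 not loaded"
           fi ;;
        1) echo "OK: $1 outside 5.8..5.19.14" ;;
        *) echo "UNKNOWN: cannot parse '$1'" ;;
    esac
}

triage "$(uname -r)"
```
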