Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
11289-0ubuntu111510-0ubuntu111510-0ubuntu1.17906-0ubuntu3~18.04.17906-0ubuntu4~18.04.17906-0ubuntu4~18.04.21:0~89.12325-git36c5be1a-0ubuntu11:0~91.12629-gite112ecce-0ubuntu11:0~93.12955-gite723a6f0-0ubuntu19340-0ubuntu49340-0ubuntu59858-0ubuntu19858-0ubuntu29858-0ubuntu39858-0ubuntu3.17906-0ubuntu17906-0ubuntu28042-0ubuntu18042-0ubuntu28042-0ubuntu38286-0ubuntu18324-0ubuntu18324-0ubuntu3~20.04.18324-0ubuntu3~20.04.28324-0ubuntu3~20.04.3+1 more8324-0ubuntu3~20.04.55.3.0-18.195.3.0-24.265.4.0-100.1135.4.0-104.1185.4.0-105.1195.4.0-107.1215.4.0-109.1235.4.0-110.1245.4.0-113.1275.4.0-117.132+56 more5.4.0-131.1475.13.0-19.195.15.0-17.175.15.0-18.185.15.0-22.225.15.0-23.235.15.0-25.255.15.0-27.285.15.0-30.315.15.0-33.345.15.0-35.36+9 more5.15.0-52.584.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-2.166.5.0-9.96.11.0-8.8Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H