Linux 6.0.2 and LTS Kernel Updates Arrive to Fix WiFi Stack Vulnerabilities

Linux 6.0.2 fixes WiFi bugs

Linus Torvalds is primarily responsible for the Linux kernel, but he mainly focuses on the point-zero versions that he releases every two months or so. Maintenance updates are released by other developers or maintainers, such as Greg Kroah-Hartman, who a few hours ago released Linux 6.0.2 to fix security flaws affecting the WiFi stack. Along with 6.0.2, Kroah-Hartman has also released updates for the affected kernels that are still supported.

In total, 5 vulnerabilities affecting the WiFi stack have been fixed, all of which were made public last Thursday, October 13. Not even two days passed before the patches were released, and all users are advised to update as soon as possible. The new versions are Linux 6.0.2, Linux 5.19.16, Linux 5.15.74, Linux 5.10.148, and Linux 5.4.248; the rest of the LTS versions still supported (4.9, 4.14 and 4.19) are reportedly not affected.

Linux 6.0.2 and other LTS updates fix 5 security flaws

The security flaws fixed are:

  • CVE-2022-41674: wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans (max 256 byte overwrite).
  • CVE-2022-42719: wifi: mac80211: fix use-after-free in MBSSID parsing.
  • CVE-2022-42720: wifi: cfg80211: fix BSS refcounting bugs (use-after-free).
  • CVE-2022-42721: wifi: cfg80211: avoid nontransmitted BSS list corruption.
  • CVE-2022-42722: wifi: mac80211: fix crash in beacon protection for P2P devices (NULL pointer dereference).

Linux 6.0.2 and all the other patched LTS versions are available at kernel.org; anyone who downloads the tarballs from there has to install them manually. Distributions like Ubuntu don't use the official kernel, so their patches are released by the company that develops the operating system, in this case Canonical. In most cases, unless the kernel was installed manually, the patches arrive as part of the operating system's updates.

