CVE-2022-3628: Buffer Overflow

First published: Sat Oct 22 2022(Updated: )

A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/kernel-rt	<0:4.18.0-477.10.1.rt7.274.el8_8	0:4.18.0-477.10.1.rt7.274.el8_8
redhat/kernel	<0:4.18.0-477.10.1.el8_8	0:4.18.0-477.10.1.el8_8
redhat/kernel	<0:5.14.0-284.11.1.el9_2	0:5.14.0-284.11.1.el9_2
redhat/kernel-rt	<0:5.14.0-284.11.1.rt14.296.el9_2	0:5.14.0-284.11.1.rt14.296.el9_2
Linux Linux kernel	=6.1-rc5
redhat/Linux kernel	<6.1	6.1
ubuntu/linux	<4.15.0-206.217	4.15.0-206.217
ubuntu/linux	<5.4.0-139.156	5.4.0-139.156
ubuntu/linux	<5.15.0-60.66	5.15.0-60.66
ubuntu/linux	<5.19.0-31.32	5.19.0-31.32
ubuntu/linux	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux	<4.4.0-239.273	4.4.0-239.273
ubuntu/linux-aws	<4.15.0-1151.164	4.15.0-1151.164
ubuntu/linux-aws	<5.4.0-1096.104	5.4.0-1096.104
ubuntu/linux-aws	<5.15.0-1030.34	5.15.0-1030.34
ubuntu/linux-aws	<5.19.0-1019.20	5.19.0-1019.20
ubuntu/linux-aws	<4.4.0-1117.123	4.4.0-1117.123
ubuntu/linux-aws	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-aws	<4.4.0-1155.170	4.4.0-1155.170
ubuntu/linux-aws-5.0	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-aws-5.15	<5.15.0-1030.34~20.04.1	5.15.0-1030.34~20.04.1
ubuntu/linux-aws-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-aws-5.4	<5.4.0-1096.104~18.04.1	5.4.0-1096.104~18.04.1
ubuntu/linux-aws-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-aws-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-aws-fips	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-aws-hwe	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-aws-hwe	<4.15.0-1151.164~16.04.1	4.15.0-1151.164~16.04.1
ubuntu/linux-azure	<5.4.0-1103.109	5.4.0-1103.109
ubuntu/linux-azure	<5.15.0-1033.40	5.15.0-1033.40
ubuntu/linux-azure	<5.19.0-1020.21	5.19.0-1020.21
ubuntu/linux-azure	<4.15.0-1162.177~14.04.1	4.15.0-1162.177~14.04.1
ubuntu/linux-azure	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure	<4.15.0-1162.177~16.04.1	4.15.0-1162.177~16.04.1
ubuntu/linux-azure-4.15	<4.15.0-1162.177	4.15.0-1162.177
ubuntu/linux-azure-4.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure-5.15	<5.15.0-1033.40~20.04.1	5.15.0-1033.40~20.04.1
ubuntu/linux-azure-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure-5.4	<5.4.0-1103.109~18.04.1	5.4.0-1103.109~18.04.1
ubuntu/linux-azure-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure-edge	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure-fde	<5.4.0-1103.109	5.4.0-1103.109
ubuntu/linux-azure-fde	<5.15.0-1033.40.1	5.15.0-1033.40.1
ubuntu/linux-azure-fde	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure-fde-5.15	<5.15.0-1033.40~20.04.1.1	5.15.0-1033.40~20.04.1.1
ubuntu/linux-azure-fde-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-azure-fips	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-bluefield	<5.4.0-1058.64	5.4.0-1058.64
ubuntu/linux-bluefield	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-dell300x	<4.15.0-1061.66	4.15.0-1061.66
ubuntu/linux-dell300x	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-fips	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gcp	<5.4.0-1100.109	5.4.0-1100.109
ubuntu/linux-gcp	<5.15.0-1029.36	5.15.0-1029.36
ubuntu/linux-gcp	<5.19.0-1017.19	5.19.0-1017.19
ubuntu/linux-gcp	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gcp	<4.15.0-1146.162~16.04.1	4.15.0-1146.162~16.04.1
ubuntu/linux-gcp-4.15	<4.15.0-1146.162	4.15.0-1146.162
ubuntu/linux-gcp-4.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gcp-5.15	<5.15.0-1029.36~20.04.1	5.15.0-1029.36~20.04.1
ubuntu/linux-gcp-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gcp-5.4	<5.4.0-1100.109~18.04.1	5.4.0-1100.109~18.04.1
ubuntu/linux-gcp-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gcp-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gcp-fips	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gke	<5.4.0-1094.101	5.4.0-1094.101
ubuntu/linux-gke	<5.15.0-1027.32	5.15.0-1027.32
ubuntu/linux-gke	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gke-4.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gke-5.0	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gke-5.15	<5.15.0-1027.32~20.04.1	5.15.0-1027.32~20.04.1
ubuntu/linux-gke-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gke-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gkeop	<5.4.0-1064.68	5.4.0-1064.68
ubuntu/linux-gkeop	<5.15.0-1015.19	5.15.0-1015.19
ubuntu/linux-gkeop	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gkeop-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-gkeop-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-hwe	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-hwe	<4.15.0-206.217~16.04.1	4.15.0-206.217~16.04.1
ubuntu/linux-hwe-5.15	<5.15.0-60.66~20.04.1	5.15.0-60.66~20.04.1
ubuntu/linux-hwe-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-hwe-5.19	<5.19.0-32.33~22.04.1	5.19.0-32.33~22.04.1
ubuntu/linux-hwe-5.4	<5.4.0-139.156~18.04.1	5.4.0-139.156~18.04.1
ubuntu/linux-hwe-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-hwe-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-hwe-edge	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-ibm	<5.4.0-1044.49	5.4.0-1044.49
ubuntu/linux-ibm	<5.15.0-1025.28	5.15.0-1025.28
ubuntu/linux-ibm	<5.19.0-1017.19	5.19.0-1017.19
ubuntu/linux-ibm	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-ibm-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-ibm-5.4	<5.4.0-1044.49~18.04.1	5.4.0-1044.49~18.04.1
ubuntu/linux-ibm-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-intel	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-intel-5.13	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-intel-iotg	<5.15.0-1025.30	5.15.0-1025.30
ubuntu/linux-intel-iotg	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-intel-iotg-5.15	<5.15.0-1025.30~20.04.1	5.15.0-1025.30~20.04.1
ubuntu/linux-intel-iotg-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-iot	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-kvm	<4.15.0-1136.141	4.15.0-1136.141
ubuntu/linux-kvm	<5.4.0-1086.92	5.4.0-1086.92
ubuntu/linux-kvm	<5.15.0-1028.33	5.15.0-1028.33
ubuntu/linux-kvm	<5.19.0-1018.19	5.19.0-1018.19
ubuntu/linux-kvm	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-kvm	<4.4.0-1118.128	4.4.0-1118.128
ubuntu/linux-laptop	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-lowlatency	<5.15.0-60.66	5.15.0-60.66
ubuntu/linux-lowlatency	<5.19.0-1017.18	5.19.0-1017.18
ubuntu/linux-lowlatency	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-lowlatency-hwe-5.15	<5.15.0-60.66~20.04.1	5.15.0-60.66~20.04.1
ubuntu/linux-lowlatency-hwe-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-lowlatency-hwe-5.19	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-lowlatency-hwe-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-lts-xenial	<4.4.0-239.273~14.04.1	4.4.0-239.273~14.04.1
ubuntu/linux-lts-xenial	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-nvidia	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-nvidia-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-nvidia-6.8	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-nvidia-lowlatency	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-5.10	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-5.14	<5.14.0-1059.67	5.14.0-1059.67
ubuntu/linux-oem-5.14	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-5.17	<5.17.0-1029.30	5.17.0-1029.30
ubuntu/linux-oem-5.17	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-5.6	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-6.0	<6.0.0-1008.8	6.0.0-1008.8
ubuntu/linux-oem-6.0	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-6.1	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-6.8	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oem-osp1	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oracle	<4.15.0-1115.126	4.15.0-1115.126
ubuntu/linux-oracle	<5.4.0-1093.102	5.4.0-1093.102
ubuntu/linux-oracle	<5.15.0-1029.35	5.15.0-1029.35
ubuntu/linux-oracle	<5.19.0-1017.20	5.19.0-1017.20
ubuntu/linux-oracle	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oracle	<4.15.0-1115.126~16.04.1	4.15.0-1115.126~16.04.1
ubuntu/linux-oracle-5.0	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oracle-5.13	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oracle-5.15	<5.15.0-1029.35~20.04.1	5.15.0-1029.35~20.04.1
ubuntu/linux-oracle-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oracle-5.4	<5.4.0-1093.102~18.04.1	5.4.0-1093.102~18.04.1
ubuntu/linux-oracle-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-oracle-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-raspi	<5.4.0-1080.91	5.4.0-1080.91
ubuntu/linux-raspi	<5.15.0-1024.26	5.15.0-1024.26
ubuntu/linux-raspi	<5.19.0-1013.20	5.19.0-1013.20
ubuntu/linux-raspi	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-raspi-5.4	<5.4.0-1080.91~18.04.1	5.4.0-1080.91~18.04.1
ubuntu/linux-raspi-5.4	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-raspi2	<4.15.0-1128.136	4.15.0-1128.136
ubuntu/linux-raspi2	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-riscv	<5.19.0-1013.14	5.19.0-1013.14
ubuntu/linux-riscv	<6.2.0-19.19.1	6.2.0-19.19.1
ubuntu/linux-riscv	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-riscv-5.15	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-riscv-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-snapdragon	<4.15.0-1146.156	4.15.0-1146.156
ubuntu/linux-snapdragon	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-starfive	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-starfive-6.5	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
ubuntu/linux-xilinx-zynqmp	<6.1~<5.4.224<5.15.78	6.1~ 5.4.224 5.15.78
debian/linux		5.10.218-1 5.10.221-1 6.1.94-1 6.1.99-1 6.9.12-1 6.10.3-1

Remedy

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c?id=6788ba8aed4e28e90f72d68a9d794e34eac17295

Remedy

To mitigate this issue, prevent the brcmfmac module from being loaded. See https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Remedy

https://git.kernel.org/linus/5c36b99add5c3212b6cdb97cc206e1e3e0fa1e3c

Remedy

https://git.kernel.org/linus/6788ba8aed4e28e90f72d68a9d794e34eac17295

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

collector/redhat-cve
collector/nvd-index
agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/author
agent/remedy
agent/severity
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/description
agent/weakness
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-3628
agent/references
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/event
collector/usn-cve
source/Ubuntu
collector/security-tracker-debian
source/Debian
package-manager/redhat
vendor/linux
canonical/linux linux kernel
version/linux linux kernel/6.1-rc5
package-manager/ubuntu
package-manager/debian

CVE-2022-3628: Buffer Overflow

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact