CVE-2022-49022: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
First published: Mon Oct 21 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_duration routine as reported by the following UBSAN report: UBSAN: array-index-out-of-bounds in net/mac80211/airtime.c:455:47 index 15 is out of range for type 'u16 [12]' CPU: 2 PID: 217 Comm: kworker/u32:10 Not tainted 6.1.0-060100rc3-generic Hardware name: Acer Aspire TC-281/Aspire TC-281, BIOS R01-A2 07/18/2017 Workqueue: mt76 mt76u_tx_status_data [mt76_usb] Call Trace: <TASK> show_stack+0x4e/0x61 dump_stack_lvl+0x4a/0x6f dump_stack+0x10/0x18 ubsan_epilogue+0x9/0x43 __ubsan_handle_out_of_bounds.cold+0x42/0x47 ieee80211_get_rate_duration.constprop.0+0x22f/0x2a0 [mac80211] ? ieee80211_tx_status_ext+0x32e/0x640 [mac80211] ieee80211_calc_rx_airtime+0xda/0x120 [mac80211] ieee80211_calc_tx_airtime+0xb4/0x100 [mac80211] mt76x02_send_tx_status+0x266/0x480 [mt76x02_lib] mt76x02_tx_status_data+0x52/0x80 [mt76x02_lib] mt76u_tx_status_data+0x67/0xd0 [mt76_usb] process_one_work+0x225/0x400 worker_thread+0x50/0x3e0 ? process_one_work+0x400/0x400 kthread+0xe9/0x110 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | >=5.5<5.10.158 | |
| Linux Kernel | >=5.11<5.15.82 | |
| Linux Kernel | >=5.16<6.0.12 | |
| Linux Kernel | =6.1-rc1 | |
| Linux Kernel | =6.1-rc2 | |
| Linux Kernel | =6.1-rc3 | |
| Linux Kernel | =6.1-rc4 | |
| Linux Kernel | =6.1-rc5 | |
| Linux Kernel | =6.1-rc6 | |
| Linux Kernel | =6.1-rc7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-49022?
CVE-2022-49022 is classified as a moderate severity vulnerability in the Linux kernel.
How do I fix CVE-2022-49022?
To fix CVE-2022-49022, ensure that your system is updated to a Linux kernel version beyond 5.10.158, 5.15.82, 6.0.12, or the specific 6.1 release candidates.
Which versions of the Linux kernel are affected by CVE-2022-49022?
CVE-2022-49022 affects Linux kernel versions from 5.5 up to and including 5.10.158, 5.11 up to and including 5.15.82, and from 5.16 up to and including 6.0.12, as well as the 6.1 release candidates.
What type of vulnerability is CVE-2022-49022?
CVE-2022-49022 is an out-of-bounds access vulnerability related to the ieee80211_get_rate_duration function in the Linux kernel.
What could happen if CVE-2022-49022 is exploited?
Exploitation of CVE-2022-49022 could potentially lead to system instability or crashes due to out-of-bounds memory access.
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/remedy
- agent/severity
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/6.1-rc1
- version/linux kernel/6.1-rc2
- version/linux kernel/6.1-rc3
- version/linux kernel/6.1-rc4
- version/linux kernel/6.1-rc5
- version/linux kernel/6.1-rc6
- version/linux kernel/6.1-rc7