high
7.8
CWE
611 129
Advisory Published
Updated

CVE-2022-49471: rtw89: cfo: check mac_id to avoid out-of-bounds

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check mac_id to avoid out-of-bounds Somehow, hardware reports incorrect mac_id and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of range for type 's32 [64]' CPU: 1 PID: 51550 Comm: irq/35-rtw89_pc Tainted: G OE Call Trace: <IRQ> show_stack+0x52/0x58 dump_stack_lvl+0x4c/0x63 dump_stack+0x10/0x12 ubsan_epilogue+0x9/0x45 __ubsan_handle_out_of_bounds.cold+0x44/0x49 ? __alloc_skb+0x92/0x1d0 rtw89_phy_cfo_parse+0x44/0x7f [rtw89_core] rtw89_core_rx+0x261/0x871 [rtw89_core] ? __alloc_skb+0xee/0x1d0 rtw89_pci_napi_poll+0x3fa/0x4ea [rtw89_pci] __napi_poll+0x33/0x1a0 net_rx_action+0x126/0x260 ? __queue_work+0x217/0x4c0 __do_softirq+0xd9/0x315 ? disable_irq_nosync+0x10/0x10 do_softirq.part.0+0x6d/0x90 </IRQ> <TASK> __local_bh_enable_ip+0x62/0x70 rtw89_pci_interrupt_threadfn+0x182/0x1a6 [rtw89_pci] irq_thread_fn+0x28/0x60 irq_thread+0xc8/0x190 ? irq_thread_fn+0x60/0x60 kthread+0x16b/0x190 ? irq_thread_check_affinity+0xe0/0xe0 ? set_kthread_struct+0x50/0x50 ret_from_fork+0x22/0x30 </TASK>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel
Linux Kernel<5.17.14
Linux Kernel>=5.18<5.18.3

Remedy

https://git.kernel.org/stable/c/03ed236480aeec8c2fd327a1ea6d711364c495e3

Remedy

https://git.kernel.org/stable/c/97df85871a5b187609d30fca6d85b912d9e02f29

Remedy

https://git.kernel.org/stable/c/c32fafe68298bb599e825c298e1d0ba30186f0a5

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-49471?

    CVE-2022-49471 has a severity rating that affects the functionality and security of the Linux kernel's handling of certain hardware reporting.

  • How do I fix CVE-2022-49471?

    To fix CVE-2022-49471, update the Linux kernel to a version that includes the patch for this vulnerability, specifically versions later than 5.18.3.

  • What platforms are affected by CVE-2022-49471?

    CVE-2022-49471 affects the Linux kernel versions up to and including 5.17.14 and between 5.18 and 5.18.3.

  • What are the potential consequences of CVE-2022-49471?

    If exploited, CVE-2022-49471 could lead to out-of-bounds memory access, resulting in potential system crashes or data corruption.

  • What components of the Linux kernel are impacted by CVE-2022-49471?

    CVE-2022-49471 impacts the rtw89 driver component of the Linux kernel, particularly its handling of MAC IDs.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203