medium
5.5
CWE
476
Advisory Published
Updated

CVE-2022-49876: wifi: mac80211: fix general-protection-fault in ieee80211_subif_start_xmit()

First published: Thu May 01 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix general-protection-fault in ieee80211_subif_start_xmit() When device is running and the interface status is changed, the gpf issue is triggered. The problem triggering process is as follows: Thread A: Thread B ieee80211_runtime_change_iftype() process_one_work() ... ... ieee80211_do_stop() ... ... ... sdata->bss = NULL ... ... ieee80211_subif_start_xmit() ieee80211_multicast_to_unicast //!sdata->bss->multicast_to_unicast cause gpf issue When the interface status is changed, the sending queue continues to send packets. After the bss is set to NULL, the bss is accessed. As a result, this causes a general-protection-fault issue. The following is the stack information: general protection fault, probably for non-canonical address 0xdffffc000000002f: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000178-0x000000000000017f] Workqueue: mld mld_ifc_work RIP: 0010:ieee80211_subif_start_xmit+0x25b/0x1310 Call Trace: <TASK> dev_hard_start_xmit+0x1be/0x990 __dev_queue_xmit+0x2c9a/0x3b60 ip6_finish_output2+0xf92/0x1520 ip6_finish_output+0x6af/0x11e0 ip6_output+0x1ed/0x540 mld_sendpack+0xa09/0xe70 mld_ifc_work+0x71c/0xdb0 process_one_work+0x9bf/0x1710 worker_thread+0x665/0x1080 kthread+0x2e4/0x3a0 ret_from_fork+0x1f/0x30 </TASK>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel
Linux Kernel>=5.19<6.0.9
Linux Kernel=6.1-rc1
Linux Kernel=6.1-rc2
Linux Kernel=6.1-rc3
Linux Kernel=6.1-rc4

Remedy

https://git.kernel.org/stable/c/03eb68c72cee249aeb7af7d04a83c033aca3d6d9

Remedy

https://git.kernel.org/stable/c/780854186946e0de2be192ee7fa5125666533b3a

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-49876?

    CVE-2022-49876 has been classified as a moderate severity vulnerability due to the potential for a general protection fault.

  • How do I fix CVE-2022-49876?

    To fix CVE-2022-49876, update the Linux kernel to the latest stable version where this vulnerability has been addressed.

  • What systems are affected by CVE-2022-49876?

    CVE-2022-49876 affects the Linux kernel and can impact any system running this software.

  • What happens if CVE-2022-49876 is exploited?

    Exploiting CVE-2022-49876 can lead to a general protection fault, potentially causing a system crash or instability.

  • Is there a workaround for CVE-2022-49876?

    Currently, the preferred method to address CVE-2022-49876 is to apply the kernel updates that resolve the vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203