CVE-2022-49023
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: fix buffer overflow in elem comparison
For vendor elements, the code here assumes that 5 octets are present without checking. Since the element itself is already checked to fit, we only need to check the length.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0b8fb8235be8be99a197e8d948fc0a2df8dc261a < f5c2ec288a865dbe3706b09bed12302e9f6d696b | affected |
| Linux | Linux | 0b8fb8235be8be99a197e8d948fc0a2df8dc261a < 9e6b79a3cd17620d467311b30d56f2648f6880aa | affected |
| Linux | Linux | 0b8fb8235be8be99a197e8d948fc0a2df8dc261a < 88a6fe3707888bd1893e9741157a7035c4159ab6 | affected |
| Linux | Linux | 0b8fb8235be8be99a197e8d948fc0a2df8dc261a < 391cb872553627bdcf236c03ee7d5adb275e37e1 | affected |
| Linux | Linux | 0b8fb8235be8be99a197e8d948fc0a2df8dc261a < 9f16b5c82a025cd4c864737409234ddc44fb166a | affected |
| Linux | Linux | 5.1 | affected |
| Linux | Linux | 0 < 5.1 | unaffected |
| Linux | Linux | 5.4.226 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.158 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.82 <= 5.15.* | unaffected |
| Linux | Linux | 6.0.12 <= 6.0.* | unaffected |
| Linux | Linux | 6.1 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/f5c2ec288a865dbe3706b09bed12302e9f6d696b
- https://git.kernel.org/stable/c/9e6b79a3cd17620d467311b30d56f2648f6880aa
- https://git.kernel.org/stable/c/88a6fe3707888bd1893e9741157a7035c4159ab6
- https://git.kernel.org/stable/c/391cb872553627bdcf236c03ee7d5adb275e37e1
- https://git.kernel.org/stable/c/9f16b5c82a025cd4c864737409234ddc44fb166a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.