CVE-2022-49231

MEDIUM

Linux Kernel 5.17 - Use-After-Free in rtw88 hw_scan

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: rtw88: fix memory overrun and memory leak during hw_scan Previously we allocated less memory than actual required, overwrite to the buffer causes the mm module to complaint and raise access violation faults. Along with potential memory leaks when returned early. Fix these by passing the correct size and proper deinit flow.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/ec5da191bfcd5fd22b95459b623694f66c1cc10b

Patch

https://git.kernel.org/stable/c/d95984b5580dcb8b1c0036577c52b609990a1dab

Scores

CVSS v3 5.5

EPSS 0.0020

EPSS Percentile 10.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (8)

linux/Kernel 5.17.0 - 5.17.2linux

Linux/Linux < 5.17

Linux/Linux 10d162b2ed395e69720926b4f8d87f1f25ca920f - d95984b5580dcb8b1c0036577c52b609990a1dab

Linux/Linux 10d162b2ed395e69720926b4f8d87f1f25ca920f - ec5da191bfcd5fd22b95459b623694f66c1cc10b

Linux/Linux 5.17

Linux/Linux 5.17.2 - 5.17.*

Linux/Linux 5.18

linux/linux_kernel 5.17 - 5.17.2

Published Feb 26, 2025

Tracked Since Feb 18, 2026