CVE-2022-49022: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_duration routine as reported by the following UBSAN report: UBSAN: array-index-out-of-bounds in net/mac80211/airtime.c:455:47 index 15 is out of range for type 'u16 [12]' CPU: 2 PID: 217 Comm: kworker/u32:10 Not tainted 6.1.0-060100rc3-generic Hardware name: Acer Aspire TC-281/Aspire TC-281, BIOS R01-A2 07/18/2017 Workqueue: mt76 mt76u_tx_status_data [mt76_usb] Call Trace: <TASK> show_stack+0x4e/0x61 dump_stack_lvl+0x4a/0x6f dump_stack+0x10/0x18 ubsan_epilogue+0x9/0x43 __ubsan_handle_out_of_bounds.cold+0x42/0x47 ieee80211_get_rate_duration.constprop.0+0x22f/0x2a0 [mac80211] ? ieee80211_tx_status_ext+0x32e/0x640 [mac80211] ieee80211_calc_rx_airtime+0xda/0x120 [mac80211] ieee80211_calc_tx_airtime+0xb4/0x100 [mac80211] mt76x02_send_tx_status+0x266/0x480 [mt76x02_lib] mt76x02_tx_status_data+0x52/0x80 [mt76x02_lib] mt76u_tx_status_data+0x67/0xd0 [mt76_usb] process_one_work+0x225/0x400 worker_thread+0x50/0x3e0 ? process_one_work+0x400/0x400 kthread+0xe9/0x110 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30
AI Analysis
Technical Summary
CVE-2022-49022 is a vulnerability identified in the Linux kernel's mac80211 wireless subsystem, specifically within the ieee80211_get_rate_duration function. The issue is an out-of-bounds (OOB) array access, where an index value of 15 is used to access an array of size 12, leading to potential memory corruption. This vulnerability was detected through Undefined Behavior Sanitizer (UBSAN) reports, indicating that the kernel code attempted to access an invalid array index in the net/mac80211/airtime.c source file. The mac80211 subsystem is responsible for managing Wi-Fi MAC layer operations, and the ieee80211_get_rate_duration function calculates the duration of transmission rates, which is critical for wireless communication timing and performance. The out-of-bounds access could cause kernel crashes (denial of service) or potentially allow attackers to execute arbitrary code or escalate privileges if exploited. The vulnerability affects Linux kernel versions prior to the patch and is triggered during processing of Wi-Fi transmission status data, particularly in drivers using the mt76 USB wireless chipset. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The patch fixes the issue by correcting the array bounds check to prevent invalid memory access.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running vulnerable Linux kernel versions with Wi-Fi capabilities, especially those using the mac80211 subsystem and mt76 wireless drivers. The impact includes potential denial of service through kernel crashes, which could disrupt critical network connectivity and services. In more severe cases, if exploited for arbitrary code execution, attackers could gain elevated privileges on affected systems, leading to data breaches, lateral movement within networks, or deployment of malware. This is particularly concerning for enterprises relying on Linux-based infrastructure for networking, IoT devices, or embedded systems in industrial control environments. Given the widespread use of Linux in servers, desktops, and embedded devices across Europe, the vulnerability could affect a broad range of sectors including finance, healthcare, manufacturing, and government. The absence of known exploits reduces immediate risk, but the vulnerability's nature means it could be targeted once public details are widely available.
Mitigation Recommendations
European organizations should prioritize updating Linux kernels to versions where this vulnerability is patched. Specifically, applying the latest stable kernel releases that include the fix for CVE-2022-49022 is critical. For environments where immediate kernel upgrades are challenging, organizations should consider disabling or limiting the use of affected wireless drivers (such as mt76 USB drivers) if feasible. Network segmentation and strict access controls can reduce exposure of vulnerable systems to untrusted networks. Monitoring kernel logs for UBSAN or related error messages may help detect attempts to trigger the vulnerability. Additionally, organizations should maintain robust endpoint detection and response (EDR) solutions to identify anomalous kernel behavior. For embedded or IoT devices, vendors should be contacted to obtain firmware updates addressing this issue. Finally, organizations should review wireless network security policies to minimize unnecessary Wi-Fi usage on critical systems until patches are applied.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland, Belgium
CVE-2022-49022: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_duration routine as reported by the following UBSAN report: UBSAN: array-index-out-of-bounds in net/mac80211/airtime.c:455:47 index 15 is out of range for type 'u16 [12]' CPU: 2 PID: 217 Comm: kworker/u32:10 Not tainted 6.1.0-060100rc3-generic Hardware name: Acer Aspire TC-281/Aspire TC-281, BIOS R01-A2 07/18/2017 Workqueue: mt76 mt76u_tx_status_data [mt76_usb] Call Trace: <TASK> show_stack+0x4e/0x61 dump_stack_lvl+0x4a/0x6f dump_stack+0x10/0x18 ubsan_epilogue+0x9/0x43 __ubsan_handle_out_of_bounds.cold+0x42/0x47 ieee80211_get_rate_duration.constprop.0+0x22f/0x2a0 [mac80211] ? ieee80211_tx_status_ext+0x32e/0x640 [mac80211] ieee80211_calc_rx_airtime+0xda/0x120 [mac80211] ieee80211_calc_tx_airtime+0xb4/0x100 [mac80211] mt76x02_send_tx_status+0x266/0x480 [mt76x02_lib] mt76x02_tx_status_data+0x52/0x80 [mt76x02_lib] mt76u_tx_status_data+0x67/0xd0 [mt76_usb] process_one_work+0x225/0x400 worker_thread+0x50/0x3e0 ? process_one_work+0x400/0x400 kthread+0xe9/0x110 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30
AI-Powered Analysis
Technical Analysis
CVE-2022-49022 is a vulnerability identified in the Linux kernel's mac80211 wireless subsystem, specifically within the ieee80211_get_rate_duration function. The issue is an out-of-bounds (OOB) array access, where an index value of 15 is used to access an array of size 12, leading to potential memory corruption. This vulnerability was detected through Undefined Behavior Sanitizer (UBSAN) reports, indicating that the kernel code attempted to access an invalid array index in the net/mac80211/airtime.c source file. The mac80211 subsystem is responsible for managing Wi-Fi MAC layer operations, and the ieee80211_get_rate_duration function calculates the duration of transmission rates, which is critical for wireless communication timing and performance. The out-of-bounds access could cause kernel crashes (denial of service) or potentially allow attackers to execute arbitrary code or escalate privileges if exploited. The vulnerability affects Linux kernel versions prior to the patch and is triggered during processing of Wi-Fi transmission status data, particularly in drivers using the mt76 USB wireless chipset. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The patch fixes the issue by correcting the array bounds check to prevent invalid memory access.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running vulnerable Linux kernel versions with Wi-Fi capabilities, especially those using the mac80211 subsystem and mt76 wireless drivers. The impact includes potential denial of service through kernel crashes, which could disrupt critical network connectivity and services. In more severe cases, if exploited for arbitrary code execution, attackers could gain elevated privileges on affected systems, leading to data breaches, lateral movement within networks, or deployment of malware. This is particularly concerning for enterprises relying on Linux-based infrastructure for networking, IoT devices, or embedded systems in industrial control environments. Given the widespread use of Linux in servers, desktops, and embedded devices across Europe, the vulnerability could affect a broad range of sectors including finance, healthcare, manufacturing, and government. The absence of known exploits reduces immediate risk, but the vulnerability's nature means it could be targeted once public details are widely available.
Mitigation Recommendations
European organizations should prioritize updating Linux kernels to versions where this vulnerability is patched. Specifically, applying the latest stable kernel releases that include the fix for CVE-2022-49022 is critical. For environments where immediate kernel upgrades are challenging, organizations should consider disabling or limiting the use of affected wireless drivers (such as mt76 USB drivers) if feasible. Network segmentation and strict access controls can reduce exposure of vulnerable systems to untrusted networks. Monitoring kernel logs for UBSAN or related error messages may help detect attempts to trigger the vulnerability. Additionally, organizations should maintain robust endpoint detection and response (EDR) solutions to identify anomalous kernel behavior. For embedded or IoT devices, vendors should be contacted to obtain firmware updates addressing this issue. Finally, organizations should review wireless network security policies to minimize unnecessary Wi-Fi usage on critical systems until patches are applied.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-08-22T01:27:53.649Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d982fc4522896dcbe6938
Added to database: 5/21/2025, 9:09:03 AM
Last enriched: 7/1/2025, 1:24:49 AM
Last updated: 8/15/2025, 12:59:46 AM
Views: 15
Related Threats
CVE-2025-9028: SQL Injection in code-projects Online Medicine Guide
MediumCVE-2025-26709: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in ZTE F50
MediumCVE-2025-9027: SQL Injection in code-projects Online Medicine Guide
MediumCVE-2025-9026: OS Command Injection in D-Link DIR-860L
MediumCVE-2025-9025: SQL Injection in code-projects Simple Cafe Ordering System
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.