Linux · Linux Kernel · CVE-2022-49290
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A potential double free issue in the Linux kernel's mac80211 module has been identified. This issue occurs when rejoining a mesh network, potentially causing memory corruption and kernel panics. The problem arises from the `ieee80211 leave mesh()` and `ieee80211 join mesh()` functions, where the `ie` data is freed twice. This can be reproduced using wpa supplicant with an encrypted mesh setup and calling specific `iw` commands to leave and rejoin the mesh. However, when using wpa supplicant, the issue is typically avoided due to a NETDEV DOWN/NETDEV UP cycle that resets the mesh.ie to NULL.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.