PT-2023-9337 · Linux+1 · Linux Kernel+1

Published: 2023-01-10 · Updated: 2024-08-29 · CVE-2022-48876

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.1.7

Description

The vulnerability is related to a null pointer dereference in the mac80211 component of the Linux kernel. This occurs due to improper initialization of rx->link_sta in certain code paths, leading to a crash when rx->link_sta is assumed to be valid if rx->sta is valid. One known instance of this issue is triggered by the ieee80211_rx_h_amsdu function being called from fast-rx. The vulnerability can result in a system crash and potentially compromise the system.

Recommendations

To resolve this issue, upgrade the Linux kernel to version 6.1.7 or later. As a temporary workaround, consider disabling the ieee80211_rx_h_amsdu function or restricting access to the vulnerable mac80211 component until a patch is available. However, the most effective solution is to update the kernel to a version that includes the fix for this vulnerability.

Exploit

Fix

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2024-06644
CVE-2022-48876

Affected Products

Linux Kernel
Red Os