PT-2024-11882 · Linux+5 · Linux Kernel+5

Published

2022-11-25

Updated

2025-09-29

CVE-2022-49022

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-060100rc3-generic

Description The issue is related to a possible out-of-bound access in the ieee80211 get rate duration routine. This was reported by a UBSAN (Undefined Behavior Sanitizer) report, which indicated an array-index-out-of-bounds error in the net/mac80211/airtime.c file. The error occurred because an index of 15 was out of range for a type 'u16 [12]'. The vulnerability is related to the wifi and mac8021 components of the Linux kernel.

Recommendations For Linux kernel versions prior to 6.1.0-060100rc3-generic, consider updating to a newer version that includes the fix for the out-of-bound access issue in the ieee80211 get rate duration routine. As a temporary workaround, consider restricting access to the vulnerable wifi and mac8021 components until a patch is available.

Exploit

Fix

DoS

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

ALSA-2025_16880

ALT-PU-2023-1066

BDU:2025-07471

CVE-2022-49022

OESA-2025-1016

OPENSUSE-SU-2024_3983-1

OPENSUSE-SU-2024_3985-1

OPENSUSE-SU-2024_4131-1

OPENSUSE-SU-2024_4313-1

RHSA-2023:2458

RHSA-2023_2458

SUSE-SU-2024:3983-1

SUSE-SU-2024:3985-1

SUSE-SU-2024:4082-1

SUSE-SU-2024:4131-1

SUSE-SU-2024:4313-1

SUSE-SU-2024:4317-1

SUSE-SU-2024:4364-1

Affected Products

Alt Linux

Astra Linux

Linux Kernel

Red Hat

Red Os

Suse

PT-2024-11882 · Linux+5 · Linux Kernel+5

CVE-2022-49022

Weakness Enumeration

Related Identifiers

Affected Products

References · 1014