CVE-2022-50508

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s wifi subsystem, specifically within the mt76 and mt76x0 components. A potential out-of-bounds access issue was identified in the mt76x0 phy get target power routine. This issue arose after a specific commit, 'ba45841ca5eb', which modified the structure of rate power data used for vht mcs rates. The vulnerability occurs because the code relies on different rate power data sets (ht[0-7] and vth[0-1]) for various vht mcs rates, leading to a possible out-of-bounds access when retrieving target power values.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.