CVE-2022-49235

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been identified, specifically in the ath9k htc module. The issue is caused by missing field initialization in the htc connect service() and htc issue send() functions. This results in uninitialized values being used, leading to potential information leaks. The vulnerability was reported by Syzbot, which identified two KMSAN bugs in the ath9k module. The bugs are caused by the lack of initialization of the svc meta len and pad variables in htc connect service() and the htc frame hdr::control array in htc issue send(). To fix the issue, the svc meta len variable is initialized to 0, and the htc frame hdr::control array is zeroed out.

Recommendations As a temporary workaround, consider disabling the htc connect service() function until a patch is available. Restrict access to the vulnerable ath9k htc module to minimize the risk of exploitation. Avoid using the htc issue send() function in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.