PT-2025-8260 · Rtl818X+4 · Rtl818X+4

Pierre Asselin

Published

2022-04-27

Updated

2025-06-17

CVE-2022-49326

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the rtl818x driver. The issue occurs when using not existing queues, which can cause the kernel to panic with rtl8180/rtl8185 cards. This happens because the cards only have one tx queue, and the skb priority is ignored for those cards. The problem was reported after updating wpa supplicant from 2.9 to 2.10, which caused the kernel to crash with a "divide error: 0000" when connecting to an AP. The issue is due to the fact that only the rtl8187se part of the driver supports QoS, and the priority of the skb is set to IEEE80211 AC BE (2) by mac80211 for rtl8180/rtl8185 cards.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

BDU:2026-02604

CVE-2022-49326

OESA-2025-1282

OPENSUSE-SU-2025_1263-1

SUSE-SU-2025:01983-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_01983-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Linux Kernel

Suse

Rtl818X

Wpa Supplicant

PT-2025-8260 · Rtl818X+4 · Rtl818X+4

CVE-2022-49326

Weakness Enumeration

Related Identifiers

Affected Products

References · 1679