PT-2025-8350 · Linux+4 · Linux Kernel+4

Johannes Berg

Published

2022-06-01

Updated

2025-09-29

CVE-2022-49416

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue was found in the mac80211 code of the Linux kernel. The problem occurs in the ieee80211 vif use reserved context() function when the replace state of the new context is set to IEEE80211 CHANCTX REPLACE NONE. In this case, the old context is freed, but its pointer is not set to NULL, leading to a potential use-after-free error. This issue can be exploited when the new ctx replace state is not IEEE80211 CHANCTX REPLACES OTHER, causing the function to return without further actions, thus avoiding access to the freed old ctx.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_16880

BDU:2025-10272

CESA-2023_2951

CVE-2022-49416

OESA-2025-1370

OPENSUSE-SU-2025_1263-1

RHSA-2023:2458

RHSA-2023:2951

RHSA-2023_2458

RHSA-2023_2951

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025:1293-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

SUSE-SU-2025_1293-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-8350 · Linux+4 · Linux Kernel+4

CVE-2022-49416

Weakness Enumeration

Related Identifiers

Affected Products

References · 1533