CVE-2022-4095 – This CVE describes a use-after-free vulnerabili... (How to Fix)

Q: What is the severity of CVE-2022-4095?

CVE-2022-4095 has a CVSS score of 7.8 (HIGH). This CVE describes a use-after-free vulnerability in the Linux kernel's RTL8712 wireless driver that allows local attackers to cause denial of service or escalate privileges. The flaw exists in the cmd_hdl_filter function and affects Linux systems using the rtl8712 driver before kernel version 5.19.2. Only local attackers with access to the system can exploit this vulnerability.

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's RTL8712 wireless driver that allows local attackers to cause denial of service or escalate privileges. The flaw exists in the cmd_hdl_filter function and affects Linux systems using the rtl8712 driver before kernel version 5.19.2. Only local attackers with access to the system can exploit this vulnerability.

💻 Affected Systems

Products:

Linux kernel

Versions: Linux kernel versions before 5.19.2

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using the rtl8712 wireless driver (staging driver for Realtek 8712 wireless chipsets).

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to root, complete system compromise, and persistent denial of service.

🟠

Likely Case

Local denial of service (kernel panic/crash) and potential privilege escalation to root.

🟢

If Mitigated

Limited impact with proper access controls and kernel hardening; attacker needs local access.

🌐 Internet-Facing: LOW - Requires local access to exploit, not remotely exploitable.

🏢 Internal Only: MEDIUM - Local attackers on compromised systems or malicious insiders could exploit for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access and knowledge of the driver's internal structures. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel 5.19.2 and later

Vendor Advisory: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73

Restart Required: Yes

Instructions:

1. Update Linux kernel to version 5.19.2 or later. 2. Reboot the system. 3. Verify the kernel version with 'uname -r'.

🔧 Temporary Workarounds

Disable rtl8712 driver

linux

Blacklist or disable the vulnerable rtl8712 driver module

echo 'blacklist rtl8712' >> /etc/modprobe.d/blacklist.conf
rmmod rtl8712

Restrict local access

all

Implement strict access controls to limit local user access

🧯 If You Can't Patch

Implement strict access controls to limit local user privileges
Disable the rtl8712 driver module if not required

🔍 How to Verify

Check if Vulnerable:

Check kernel version with 'uname -r' and verify it's below 5.19.2. Check if rtl8712 module is loaded with 'lsmod | grep rtl8712'.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is 5.19.2 or higher with 'uname -r'. Check that the rtl8712 module is either not loaded or blacklisted.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
System crash dumps
Unexpected driver reloads

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "segfault") AND process="rtl8712"

📊 Metadata

CVE ID: CVE-2022-4095

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

Published: March 22, 2023

Last Updated: February 26, 2025

🔗 References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73 Patch,Vendor Advisory
https://security.netapp.com/advisory/ntap-20230420-0005/ Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73 Patch,Vendor Advisory
https://security.netapp.com/advisory/ntap-20230420-0005/ Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-4095, you might also want to check these: