CVE-2022-49022
📋 TL;DR
This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's WiFi subsystem (mac80211). An attacker could potentially cause a kernel panic or system crash by exploiting this flaw. It affects Linux systems using vulnerable kernel versions with WiFi functionality enabled.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to denial of service, potential for privilege escalation if combined with other vulnerabilities, or system instability.
Likely Case
System crash or kernel panic causing denial of service, requiring system reboot to restore functionality.
If Mitigated
Minimal impact if proper kernel hardening and privilege separation are in place, though denial of service may still occur.
🎯 Exploit Status
Exploitation requires ability to send specially crafted WiFi frames or manipulate WiFi driver behavior. No public exploit code has been identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in Linux kernel stable releases via commits: 0184ede0ec61b9cd075babfaa45081b1bf322234, 3e8f7abcc3473bc9603323803aeaed4ffcc3a2ab, 59b54f0563b6546c94bdb6823d3b382c75407019, f0fcad4c7201ecfaa17357f4ce0c50b4708df22d
Vendor Advisory: https://git.kernel.org/stable/c/0184ede0ec61b9cd075babfaa45081b1bf322234
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories.
2. For custom kernels, apply the fix commits from kernel.org.
3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable WiFi functionality
Temporarily disable WiFi interfaces to prevent exploitation
sudo ip link set wlan0 down
sudo rfkill block wifi
Use wired networking only
Disable WiFi drivers/modules completely
# Unload the driver modules first; mac80211 cannot be removed while a driver still depends on it
sudo modprobe -r mt76_usb mt76x02_lib
sudo modprobe -r mac80211
🧯 If You Can't Patch
- Implement strict network segmentation to isolate WiFi networks from critical systems
- Use host-based firewalls to restrict WiFi interface access to trusted sources only
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with distribution's security advisories. Vulnerable if using unpatched kernel with WiFi enabled.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version is updated to patched version and check that WiFi functionality works without crashes.
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- UBSAN array-index-out-of-bounds errors in kernel logs
- System crash/reboot events
Network Indicators:
- Unusual WiFi frame patterns
- Excessive airtime calculation requests
SIEM Query:
event_type:kernel_panic OR message:"array-index-out-of-bounds" OR message:"ieee80211_get_rate_duration"
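The SIEM query above ORs its terms, so any UBSAN report or panic matches. The following added example (not part of the original advisory or of the kernel project) correlates the two specific log indicators instead: a UBSAN array-index-out-of-bounds report is attributed to this issue only when ieee80211_get_rate_duration appears in the lines that follow it. The function names, the WINDOW value and the sample log are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: correlate the advisory's two kernel-log indicators.
# A "UBSAN: array-index-out-of-bounds" header opens a report; the report is
# counted as a match only if "ieee80211_get_rate_duration" appears within the
# next WINDOW lines (its call trace). Other UBSAN reports are counted
# separately so they are not mistaken for this issue.

WINDOW=25   # assumption: a UBSAN report plus call trace fits in 25 log lines

# Reads kernel log text on stdin, prints "matched=<n> other_ubsan=<n>".
scan_klog() {
    awk -v window="$WINDOW" '
        /UBSAN: array-index-out-of-bounds/ {
            if (in_report) other++      # previous report ended without a match
            in_report = 1; left = window; next
        }
        in_report && /ieee80211_get_rate_duration/ {
            matched++; in_report = 0; next
        }
        in_report { if (--left == 0) { other++; in_report = 0 } }
        END {
            if (in_report) other++
            printf "matched=%d other_ubsan=%d\n", matched, other
        }'
}

# Constructed sample log (not captured from a real system); the source
# locations are placeholders.
sample_klog() {
    cat <<'EOF'
[  101.000001] usb 1-2: new high-speed USB device number 4
[  102.000002] UBSAN: array-index-out-of-bounds in <source-file>:<line>
[  102.000003] index 9 is out of range for type 'u16 [8]'
[  102.000004] Call Trace:
[  102.000005]  __ubsan_handle_out_of_bounds+0x42/0x47
[  102.000006]  ieee80211_get_rate_duration+0x22f/0x2a0 [mac80211]
[  230.000007] UBSAN: array-index-out-of-bounds in <other-file>:<line>
[  230.000008] Call Trace:
[  230.000009]  some_unrelated_function+0x10/0x20
EOF
}

# Typical use on a live host: journalctl -k --no-pager | scan_klog
```

UBSAN reports appear only on kernels built with UBSAN enabled, so a zero count on other kernels says nothing about exposure.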