CVE-2022-50279
📋 TL;DR
This vulnerability is a global-out-of-bounds memory access bug in the Linux kernel's rtlwifi driver for Realtek wireless chips. It allows attackers to potentially execute arbitrary code or cause denial of service by exploiting improper string comparison logic. Systems using affected Realtek WiFi hardware with vulnerable kernel versions are at risk.
💻 Affected Systems
- Linux kernel with rtlwifi driver for Realtek 8821ae/8812ae chips
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential arbitrary code execution with kernel privileges resulting in complete system compromise.
Likely Case
System instability, crashes, or denial of service affecting WiFi functionality.
If Mitigated
Limited impact if exploit attempts are blocked by kernel hardening features like KASAN or if the vulnerable driver isn't loaded.
🎯 Exploit Status
Requires local access to trigger the vulnerable code path through WiFi configuration operations.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with fixes from provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/057b52461dc005ecd85a3e4998913b1492ec0f72
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Rebuild kernel if compiling from source. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable vulnerable driver
linuxBlacklist or prevent loading of rtl8821ae/rtl8812ae driver modules
echo 'blacklist rtl8821ae' >> /etc/modprobe.d/blacklist.conf
echo 'blacklist rtl8812ae' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
Use alternative WiFi driver
linuxSwitch to alternative driver if available for Realtek hardware
🧯 If You Can't Patch
- Disable WiFi functionality on affected systems
- Replace Realtek WiFi hardware with unaffected alternatives
🔍 How to Verify
Check if Vulnerable:
Check if rtl8821ae or rtl8812ae module is loaded: lsmod | grep -E 'rtl8821ae|rtl8812ae'Check Version:
uname -rVerify Fix Applied:
Check kernel version is patched and verify driver version matches fixed commits📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- KASAN out-of-bounds reports in dmesg
- NetworkManager crashes
Network Indicators:
- Unexpected WiFi disconnections
- Interface resets
SIEM Query:
search 'KASAN: global-out-of-bounds' OR 'rtl8821ae' OR 'rtl8812ae' in kernel logs🔗 References
- https://git.kernel.org/stable/c/057b52461dc005ecd85a3e4998913b1492ec0f72
- https://git.kernel.org/stable/c/0c962dcd6bf64b78eaffc09e497a2beb4e48bc32
- https://git.kernel.org/stable/c/117dbeda22ec5ea0918254d03b540ef8b8a64d53
- https://git.kernel.org/stable/c/1e950b9a841bc96e98ee25680d5c7aa305120be1
- https://git.kernel.org/stable/c/28ea268d95e57cdf6394a058f0d854206d478772
- https://git.kernel.org/stable/c/f1fe40120de6ad4ffa8299fde035a5feba10d4fb
- https://git.kernel.org/stable/c/fc3442247716fc426bbcf62ed65e086e48a6d44f
