CVE-2022-50294
📋 TL;DR
A memory leak vulnerability in the Linux kernel's libertas WiFi driver allows attackers to cause denial of service by exhausting kernel memory. This affects Linux systems using libertas-based WiFi hardware. The vulnerability occurs when kfifo_alloc() fails during adapter initialization, leaving allocated command buffers unreleased.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel memory exhaustion leading to system instability, crashes, or denial of service requiring reboot
Likely Case
Local denial of service affecting WiFi functionality on vulnerable systems
If Mitigated
Minimal impact with proper memory management and monitoring
🎯 Exploit Status
Exploitation requires local access and ability to trigger specific driver initialization failure conditions
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits: 037f84c0bfae5c436c651d0e804264e2648010ec, 16a03958618fb91bb1bc7077cf3211055162cc2f, 23b34e08de5c2380414c9d3c33e8235094bcccae, 4c102ad59bfa66c0f6662af64fa3b9007b02c20f, 653d13a73e498d0bb6aeaf689aaa960defa7878b
Vendor Advisory: https://git.kernel.org/stable/c/
Restart Required: No
Instructions:
1. Update Linux kernel to patched version. 2. For distributions: Use package manager to update kernel package. 3. Rebuild kernel if using custom kernel with backported patches.
🔧 Temporary Workarounds
Disable libertas driver
allPrevent loading of vulnerable libertas WiFi driver module
echo 'blacklist libertas' >> /etc/modprobe.d/blacklist.conf
rmmod libertas
🧯 If You Can't Patch
- Monitor kernel memory usage for unusual patterns
- Restrict local user access to systems with vulnerable drivers
🔍 How to Verify
Check if Vulnerable:
Check if libertas module is loaded: lsmod | grep libertas. Check kernel version against patched commits.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes patched commits. Test WiFi functionality with libertas hardware.📡 Detection & Monitoring
Log Indicators:
- Kernel oom-killer messages
- System instability logs
- WiFi driver initialization failures
Network Indicators:
- Unexpected WiFi disconnections
- Network interface failures
SIEM Query:
kernel: *libertas* AND (error OR fail OR oom)🔗 References
- https://git.kernel.org/stable/c/037f84c0bfae5c436c651d0e804264e2648010ec
- https://git.kernel.org/stable/c/16a03958618fb91bb1bc7077cf3211055162cc2f
- https://git.kernel.org/stable/c/23b34e08de5c2380414c9d3c33e8235094bcccae
- https://git.kernel.org/stable/c/4c102ad59bfa66c0f6662af64fa3b9007b02c20f
- https://git.kernel.org/stable/c/653d13a73e498d0bb6aeaf689aaa960defa7878b
- https://git.kernel.org/stable/c/98e0ff6980c89239d9e5d3da90d791c2383dc23a
- https://git.kernel.org/stable/c/9c8f50c7433bdfba1588831c413136ecc3f29f99
- https://git.kernel.org/stable/c/d46c33f667b05c22bc5c5b69aa730349c4b6fe31
