Description

In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 (WLAN_SCAN_PARAMS_MAX_SSID) when registering the driver. The scan_req_params structure only has the capacity to hold 10 SSIDs. This leads to a buffer overflow which can be triggered from wpa_supplicant in userspace. When copying the SSIDs into the scan_req_params structure in the ath11k_mac_op_hw_scan route, it can overwrite the extraie pointer. Firmware supports 16 ssid * 4 bssid, for each ssid 4 bssid combo probe request will be sent, so totally 64 probe requests supported. So set both max ssid and bssid to 16 and 4 respectively. Remove the redundant macros of ssid and bssid. Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.7.0.1-01300-QCAHKSWPL_SILICONZ-1

INFO

Published Date :

2025-02-26T02:13:52.495Z

Last Modified :

2025-05-04T08:39:58.645Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49533 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49533.

URL Resource
https://git.kernel.org/stable/c/210505788f1d243232e21ef660efcd4838890ce8 cve-icon cve-icon
https://git.kernel.org/stable/c/50dc9ce9f80554a88e33b73c30851acf2be36ed3 cve-icon cve-icon
https://git.kernel.org/stable/c/ec5dfa1d66f2f71a48dab027d26a9fa78eb0f58f cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022613-CVE-2022-49533-a0a4@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49533 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49533 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact