| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025122420-CVE-2022-50732-042c@gregkh> Date: Wed, 24 Dec 2025 13:26:31 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50732: staging: rtl8192u: Fix use after free in ieee80211_rx() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free. The Linux kernel CVE team has assigned CVE-2022-50732 to this issue. Affected and fixed versions =========================== Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 4.9.337 with commit 9c03db0ec84b7964a11b20706665c99a5fead332 Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 4.14.303 with commit fdc62d31d50e4ce5d8f363fcb8299ba0e00ee6fd Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 4.19.270 with commit a0df8d44b555ae09729d6533fd4532977563c7b9 Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 5.4.229 with commit 288ada16a93aab5aa2ebea8190aafdb35b716854 Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 5.10.163 with commit daa8045a991363ccdae5615d170f35aa1135e7a7 Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 5.15.86 with commit b0aaec894a909c88117c8bda6c7c9b26cf7c744b Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 6.0.16 with commit de174163c0d319ff06d622e79130a0017c8f5a6e Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 6.1.2 with commit 73df1172bbcc8d45cd28e3b1a9ca2edb2f9f7ce6 Issue introduced in 2.6.33 with commit 8fc8598e61f6f384f3eaf1d9b09500c12af47b37 and fixed in 6.2 with commit bcc5e2dcf09089b337b76fc1a589f6ff95ca19ac Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50732 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/staging/rtl8192u/ieee80211/ieee80211_rx.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/9c03db0ec84b7964a11b20706665c99a5fead332 https://git.kernel.org/stable/c/fdc62d31d50e4ce5d8f363fcb8299ba0e00ee6fd https://git.kernel.org/stable/c/a0df8d44b555ae09729d6533fd4532977563c7b9 https://git.kernel.org/stable/c/288ada16a93aab5aa2ebea8190aafdb35b716854 https://git.kernel.org/stable/c/daa8045a991363ccdae5615d170f35aa1135e7a7 https://git.kernel.org/stable/c/b0aaec894a909c88117c8bda6c7c9b26cf7c744b https://git.kernel.org/stable/c/de174163c0d319ff06d622e79130a0017c8f5a6e https://git.kernel.org/stable/c/73df1172bbcc8d45cd28e3b1a9ca2edb2f9f7ce6 https://git.kernel.org/stable/c/bcc5e2dcf09089b337b76fc1a589f6ff95ca19ac
Powered by blists - more mailing lists