Use After Free Vulnerability in Linux Kernel Affecting WiFi Functionality
CVE-2022-49934

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
18 June 2025

What is CVE-2022-49934?

A use-after-free vulnerability exists in the Linux kernel's mac80211 subsystem. In the ieee80211_scan_rx() function, scan_req->flags is read after a NULL check on scan_req. If the WiFi scan completes in the meantime, __ieee80211_scan_completed() executes and calls cfg80211_scan_done(), which ultimately frees scan_req, so the read can access freed memory. To mitigate this issue, scan_req must no longer be accessed from within an RCU read-side critical section by the time cfg80211_scan_done() is called, which preserves system stability and integrity.
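
The ordering problem described above, as a single-threaded userspace model in C (an added example, not kernel code and not the upstream patch). All struct and function names are constructed stand-ins: a reader counter models the RCU read-side critical section, and a `freed` marker models the release of scan_req, so no memory is actually freed.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed userspace stand-ins; none of this is kernel code. */
struct scan_req { unsigned flags; bool freed; }; /* freed is a marker, nothing is really freed */
struct local    { struct scan_req *scan_req; int readers; };
struct reader   { struct local *l; struct scan_req *req; bool done, touched_freed; };

/* RX path, first half: enter the read section, load the pointer, NULL-check it. */
static bool rx_begin(struct reader *r, struct local *l) {
    *r = (struct reader){ .l = l };
    l->readers++;                         /* models rcu_read_lock() */
    r->req = l->scan_req;                 /* models rcu_dereference() */
    if (r->req) return true;
    l->readers--; r->done = true;         /* no scan in progress */
    return false;
}
/* RX path, second half: the scan_req->flags read that follows the NULL check. */
static void rx_finish(struct reader *r) {
    if (r->done) return;
    r->touched_freed = r->req->freed;     /* true means the flags read hit released memory */
    r->l->readers--; r->done = true;      /* models rcu_read_unlock() */
}

static void scan_done(struct scan_req *req) { req->freed = true; } /* models the release */

/* Release while a reader may still hold the pointer. */
static void complete_unsafe(struct local *l) {
    scan_done(l->scan_req);
    l->scan_req = NULL;
}
/* Unpublish, let in-flight readers leave, then release. */
static void complete_safe(struct local *l, struct reader *inflight) {
    struct scan_req *req = l->scan_req;
    l->scan_req = NULL;                   /* new readers now see NULL */
    if (l->readers > 0) rx_finish(inflight); /* models waiting out a grace period */
    scan_done(req);
}

/* Interleaving: reader passes the NULL check, completion runs, reader resumes. */
static bool race_hits_freed(bool safe) {
    struct scan_req req = { .flags = 1 };
    struct local l = { .scan_req = &req };
    struct reader r;
    rx_begin(&r, &l);
    if (safe) complete_safe(&l, &r); else complete_unsafe(&l);
    rx_finish(&r);
    return r.touched_freed;
}
int main(void) { printf("unsafe=%d safe=%d\n", race_hits_freed(false), race_hits_freed(true)); return 0; }
```

The NULL check alone does not help the reader in the unsafe ordering, because the pointer was still valid when it was checked and is released before it is used.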

Affected Version(s)

Linux 6ea0a69ca21bbddab5b3979c2190013b0263e749 < 6eb181a64fdabf10be9e54de728876667da20255

Linux 6ea0a69ca21bbddab5b3979c2190013b0263e749

Linux 6ea0a69ca21bbddab5b3979c2190013b0263e749 < 78a07732fbb0934d14827d8f09b9aa6a49ee1aa9

Timeline

  • Vulnerability published

  • Vulnerability Reserved