CVE-2022-50831 - Vulnerability Details

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

References

No reference.

History

Tue, 30 Dec 2025 14:30:00 +0000

Type	Values Removed	Values Added
References	https://git.kernel.org/stable/c/de124365a7d2deed22cf706583930f28d537ff0f

Tue, 30 Dec 2025 14:00:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix MBSSID parsing use-after-free commit ff05d4b45dd89b922578dac497dcabf57cf771c6 When we parse a multi-BSSID element, we might point some element pointers into the allocated nontransmitted_profile. However, we free this before returning, causing UAF when the relevant pointers in the parsed elements are accessed. Fix this by not allocating the scratch buffer separately but as part of the returned structure instead, that way, there are no lifetime issues with it. The scratch buffer introduction as part of the returned data here is taken from MLO feature work done by Ilan. This fixes CVE-2022-42719.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title	wifi: mac80211: fix MBSSID parsing use-after-free
CPEs	cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products	Linux Linux linux Kernel

Tue, 30 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix MBSSID parsing use-after-free commit ff05d4b45dd89b922578dac497dcabf57cf771c6 When we parse a multi-BSSID element, we might point some element pointers into the allocated nontransmitted_profile. However, we free this before returning, causing UAF when the relevant pointers in the parsed elements are accessed. Fix this by not allocating the scratch buffer separately but as part of the returned structure instead, that way, there are no lifetime issues with it. The scratch buffer introduction as part of the returned data here is taken from MLO feature work done by Ilan. This fixes CVE-2022-42719.
Title		wifi: mac80211: fix MBSSID parsing use-after-free
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/de124365a7d2deed22cf706583930f28d537ff0f

MITRE

Status: REJECTED

Assigner: Linux

Published: 2025-12-30T12:10:52.754Z

Updated: 2025-12-30T13:52:29.775Z

Reserved: 2025-12-30T12:06:07.132Z

Link: CVE-2022-50831

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2025-12-30T13:15:57.597

Modified: 2025-12-30T14:15:51.437

Link: CVE-2022-50831

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics