CVE-2022-49942
Published: Jun 18, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel "switch" announcement doesn't make any sense. The BSS list is empty in that case. This causes the for loop in cfg80211_get_bss() to be bypassed, so the function returns NULL (check line 1424 of net/wireless/scan.c), causing the WARN_ON() in ieee80211_ibss_csa_beacon() to get triggered (check line 500 of net/mac80211/ibss.c), which was consequently reported on the syzkaller dashboard. Thus, check if we have an existing connection before generating the CSA beacon in ieee80211_ibss_finish_csa().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected cd7760e62c2ac8581f050b2d36501d1a60beaf83 - < cdb9a8da9b84800eb15506cd9363cf0cf059e677affected cd7760e62c2ac8581f050b2d36501d1a60beaf83 - < 1691a48aef0a82d1754b9853dae7e3f5cacdf70baffected cd7760e62c2ac8581f050b2d36501d1a60beaf83 - < d9eb37db6a28b59a95a3461450ee209654c5f95baffected cd7760e62c2ac8581f050b2d36501d1a60beaf83 - < 66689c5c02acd4d76c28498fe220998610aec61eaffected cd7760e62c2ac8581f050b2d36501d1a60beaf83 - < dd649b49219a0388cc10fc40e4c2ea681566a780+3 more versions |
Linux | Linux | affected 3.13unaffected 0 - < 3.13unaffected 4.9.328 - <= 4.9.*unaffected 4.14.293 - <= 4.14.*unaffected 4.19.258 - <= 4.19.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now