CVE-2022-50358
brcmfmac: return error when getting invalid max_flowrings from dongle
In the Linux kernel, the following vulnerability has been resolved:
brcmfmac: return error when getting invalid max_flowrings from dongle
When firmware hit trap at initialization, host will read abnormal
max_flowrings number from dongle, and it will cause kernel panic when
doing iowrite to initialize dongle ring.
To detect this error at early stage, we directly return error when getting
invalid max_flowrings(>256).
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/10c4b63d09a5b0ebf1b61af1dae7f25555cf58b6https://git.kernel.org/stable/c/200347eb3b2608cc8b54c13dd1d5e03809ba2eb2https://git.kernel.org/stable/c/2aca4f3734bd717e04943ddf340d49ab62299a00https://git.kernel.org/stable/c/2e8bb402b060a6c22160de3d72cee057698177c8https://git.kernel.org/stable/c/3cc9299036bdb647408e11e41de3eb1ff6d428cdhttps://git.kernel.org/stable/c/87f126b25fa8562196f0f4c0aa46a446026199bf