代码拉取完成,页面将自动刷新
一、漏洞信息
漏洞编号:CVE-2022-49942
漏洞归属组件:kernel
漏洞归属的版本:6.6.0
CVSS V3.0分值:
BaseScore:N/A None
Vector:CVSS:3.0/
漏洞简述:
In the Linux kernel, the following vulnerability has been resolved:wifi: mac80211: Don t finalize CSA in IBSS mode if state is disconnectedWhen we are not connected to a channel, sending channel switch announcement doesn t make any sense.The BSS list is empty in that case. This causes the for loop incfg80211_get_bss() to be bypassed, so the function returns NULL(check line 1424 of net/wireless/scan.c), causing the WARN_ON()in ieee80211_ibss_csa_beacon() to get triggered (check line 500of net/mac80211/ibss.c), which was consequently reported on thesyzkaller dashboard.Thus, check if we have an existing connection before generatingthe CSA beacon in ieee80211_ibss_finish_csa().
漏洞公开时间:2025-06-18 19:15:21
漏洞创建时间:2025-06-19 10:42:04
漏洞详情参考链接:
https://nvd.nist.gov/vuln/detail/CVE-2022-49942
漏洞分析指导链接:
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
漏洞数据来源:
七彩瞬析开源风险感知平台
漏洞补丁信息:
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:wifi: mac80211: Don t finalize CSA in IBSS mode if state is disconnectedWhen we are not connected to a channel, sending channel switch announcement doesn t make any sense.The BSS list is empty in that case. This causes the for loop incfg80211_get_bss() to be bypassed, so the function returns NULL(check line 1424 of net/wireless/scan.c), causing the WARN_ON()in ieee80211_ibss_csa_beacon() to get triggered (check line 500of net/mac80211/ibss.c), which was consequently reported on thesyzkaller dashboard.Thus, check if we have an existing connection before generatingthe CSA beacon in ieee80211_ibss_finish_csa().
openEuler评分:
5.5
Vector:CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
受影响版本排查(受影响/不受影响):
1.openEuler-20.03-LTS-SP4(4.19.90):受影响
2.openEuler-22.03-LTS-SP3(5.10.0):不受影响
3.openEuler-22.03-LTS-SP4(5.10.0):不受影响
4.master(6.12.33):不受影响
5.openEuler-24.03-LTS(6.6.0):不受影响
6.openEuler-24.03-LTS-Next(6.6.0):不受影响
7.openEuler-24.03-LTS-SP1(6.6.0):不受影响
8.openEuler-24.03-LTS-SP2(6.6.0):不受影响
修复是否涉及abi变化(是/否):
1.openEuler-20.03-LTS-SP4(4.19.90):否
2.openEuler-22.03-LTS-SP3(5.10.0):否
3.master(6.12.33):否
4.openEuler-24.03-LTS(6.6.0):否
5.openEuler-24.03-LTS-Next(6.6.0):否
6.openEuler-22.03-LTS-SP4(5.10.0):否
7.openEuler-24.03-LTS-SP1(6.6.0):否
8.openEuler-24.03-LTS-SP2(6.6.0):否
原因说明:
1.openEuler-20.03-LTS-SP4(4.19.90):正常修复
2.master(6.12.33):不受影响-漏洞代码不能被攻击者触发
3.openEuler-24.03-LTS-Next(6.6.0):不受影响-漏洞代码不能被攻击者触发
4.openEuler-22.03-LTS-SP3(5.10.0):不受影响-漏洞代码不存在
5.openEuler-22.03-LTS-SP4(5.10.0):不受影响-漏洞代码不存在
6.openEuler-24.03-LTS(6.6.0):不受影响-漏洞代码不存在
7.openEuler-24.03-LTS-SP1(6.6.0):不受影响-漏洞代码不存在
8.openEuler-24.03-LTS-SP2(6.6.0):不受影响-漏洞代码不存在
三、漏洞修复
安全公告链接:https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2025-1820
FileDragTip