CVE-2022-49231:A vulnerability in the Linux kernel Realtek rtw88 driver during hardware scans (hw_scan) caused memory overrun and memory leaks, which has been fixed by correcting allocation size and deinitialization flow.

splash
Back

Description Preview

In the Linux kernel, the Realtek rtw88 wireless driver could allocate insufficient memory during hardware scanning (hw_scan), leading to memory overrun and potential memory leaks, especially when the path returned early. This was addressed by ensuring the correct allocation size is used and by implementing a proper deinitialization flow, preventing buffer overflows and related kernel faults. The fix is reflected in the stable kernel updates and associated commits, with affected ranges delineated and corrected in subsequent releases.

Overview

The rtw88 memory overrun and memory leak issue during hw_scan affected certain kernel revisions and was resolved by applying fixes that ensure correct memory sizing and proper deinitialization. The patch prevents writing beyond allocated buffers and mitigates leaks when exiting the hw_scan path. Upstream and distribution patches align to provide safe, stable behavior in kernel releases after the fix.

Remediation

  • Upgrade the Linux kernel to a version that includes the rtw88 fix (typically 5.18 or newer). If you are on the 5.17 series, ensure you receive the backported fix or move to a newer kernel line where the patch is included.
  • If upgrading is not feasible, apply the backport patch to the Realtek rtw88 driver (fw.c) from the stable kernel commits referenced in the advisory, rebuild the kernel/module, and reboot.
  • Update Realtek rtw88 firmware if a newer firmware package is available, and rebuild/reload modules as needed.
  • After applying the fix, run hw_scan-related operations in a controlled environment and monitor dmesg/logs for any memory corruption or related errors to confirm the issue is resolved.
  • Plan and test a full reboot and regression test to ensure no new faults are introduced in wireless functionality.

References

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing: Medium
    Manufacturing
  2. Public Administration: Medium
    Public Administration
  3. Health Care & Social Assistance: Medium
    Health Care & Social Assistance
  4. Professional, Scientific, & Technical Services: Low
    Professional, Scientific, & Technical Services
  5. Retail Trade: Low
    Retail Trade
  6. Finance and Insurance: Low
    Finance and Insurance
  7. Arts, Entertainment & Recreation: Low
    Arts, Entertainment & Recreation
  8. Educational Services: Low
    Educational Services
  9. Transportation & Warehousing: Low
    Transportation & Warehousing
  10. Other Services (except Public Administration): Low
    Other Services (except Public Administration)
  11. Management of Companies & Enterprises: Low
    Management of Companies & Enterprises
  12. Information: Low
    Information
  13. Real Estate Rental & Leasing: Low
    Real Estate Rental & Leasing
  14. Accommodation & Food Services: Low
    Accommodation & Food Services
  15. Administrative, Support, Waste Management & Remediation Services: Low
    Administrative, Support, Waste Management & Remediation Services
  16. Agriculture, Forestry Fishing & Hunting: Low
    Agriculture, Forestry Fishing & Hunting
  17. Construction: Low
    Construction
  18. Mining: Low
    Mining
  19. Utilities: Low
    Utilities
  20. Wholesale Trade: Low
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background