CVE-2022-47521

CVSS v3.1 7.8 (High)

EPSS 0.04 % (16^th)

Affected Products 12

Advisories 10

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.

Weaknesses

CWE-787: Out-of-bounds Write

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2022-12-18 06:15:09
(21 months ago)
Updated Date: 2023-11-07 03:56:17
(10 months ago)

Affected Products

Debian

Debian Linux

Linux

Linux Kernel

Netapp

Configuration #1

	CPE23	From	Up To
Linux Kernel from 5.7 version and prior 5.10.157 version	cpe:2.3:o:linux:linux_kernel	>= 5.7	< 5.10.157
Linux Kernel from 5.11 version and prior 5.15.81 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.81
Linux Kernel from 5.16 version and prior 6.0.11 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.0.11

Configuration #2

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0

Configuration #3

AND

		CPE23
OR
	Netapp H410c Firmware	cpe:2.3:o:netapp:h410c_firmware:-
OR
	Running on/with
	Netapp H410c	cpe:2.3:h:netapp:h410c:-

Configuration #4

AND

		CPE23
OR
	Netapp H300s Firmware	cpe:2.3:o:netapp:h300s_firmware:-
OR
	Running on/with
	Netapp H300s	cpe:2.3:h:netapp:h300s:-

Configuration #5

AND

		CPE23
OR
	Netapp H500s Firmware	cpe:2.3:o:netapp:h500s_firmware:-
OR
	Running on/with
	Netapp H500s	cpe:2.3:h:netapp:h500s:-

Configuration #6

AND

		CPE23
OR
	Netapp H700s Firmware	cpe:2.3:o:netapp:h700s_firmware:-
OR
	Running on/with
	Netapp H700s	cpe:2.3:h:netapp:h700s:-

Configuration #7

AND

		CPE23
OR
	Netapp H410s Firmware	cpe:2.3:o:netapp:h410s_firmware:-
OR
	Running on/with
	Netapp H410s	cpe:2.3:h:netapp:h410s:-