CVE-2022-49646
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/02/2025
Last modified:
23/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
wifi: mac80211: fix queue selection for mesh/OCB interfaces<br />
<br />
When using iTXQ, the code assumes that there is only one vif queue for<br />
broadcast packets, using the BE queue. Allowing non-BE queue marking<br />
violates that assumption and txq->ac == skb_queue_mapping is no longer<br />
guaranteed. This can cause issues with queue handling in the driver and<br />
also causes issues with the recent ATF change, resulting in an AQL<br />
underflow warning.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.2 (including) | 5.4.207 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.132 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.56 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.18.13 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/41ecab279a70dced9005f4d55fa0fcde8938603f
- https://git.kernel.org/stable/c/444be5a02b77f3b7a8ac9c1a0b074fbb3bd89cd0
- https://git.kernel.org/stable/c/50e2ab39291947b6c6c7025cf01707c270fcde59
- https://git.kernel.org/stable/c/5a9df31017999197b6e60535940f2f2fe1bd3b0d
- https://git.kernel.org/stable/c/e013ea2a51a94b903b396a8dff531a07d470335d