CVE-2022-49503

HIGH EPSS 17.3%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
High
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix The "rxstatus->rs_keyix" eventually gets passed to test_bit() so we need to ensure that it is within the bitmap. drivers/net/wireless/ath/ath9k/common.c:46 ath9k_cmn_rx_accept() error: passing untrusted data 'rx_stats->rs_keyix' to 'test_bit()'

CVSS Details

Base Score
7.1
Exploitability
1.8
Impact
5.2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
17.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥3.15  –  <4.9.318
linuxlinux_kernel*≥4.10  –  <4.14.283
linuxlinux_kernel*≥4.15  –  <4.19.247
linuxlinux_kernel*≥4.20  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.121
linuxlinux_kernel*≥5.11  –  <5.15.46
linuxlinux_kernel*≥5.16  –  <5.17.14
linuxlinux_kernel*≥5.18  –  <5.18.3

References 9

  • git.kernel.org https://git.kernel.org/stable/c/0bcb528402cd5e1a6e1833e956fd58a12d509e8e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2326d398ccd41ba6d93b8346532dfa432ab00fee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2dc509305cf956381532792cb8dceef2b1504765
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3dad3fed5672828c7fb0465cb66a3d9a70952fa6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/461e4c1f199076275f16bf6f3d3e42c6b6c79f33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4bdcf32c965c27f55ccc4ee71c1927131115b0bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7f6defe0fabc79f29603c6fa3c80e4fe0456a3e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a048e0c3caa852397b7b50d4c82a0415c05f7ac3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eda518db7db16c360bc84379d90675650daa3048
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0bcb528402cd5e1a6e1833e956fd58a12d509e8e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2326d398ccd41ba6d93b8346532dfa432ab00fee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2dc509305cf956381532792cb8dceef2b1504765
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3dad3fed5672828c7fb0465cb66a3d9a70952fa6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/461e4c1f199076275f16bf6f3d3e42c6b6c79f33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4bdcf32c965c27f55ccc4ee71c1927131115b0bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7f6defe0fabc79f29603c6fa3c80e4fe0456a3e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a048e0c3caa852397b7b50d4c82a0415c05f7ac3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eda518db7db16c360bc84379d90675650daa3048
    Patch