Lucene search
HistoryFeb 15, 2024 - 5:15 a.m.
CVE-2022-23088
cve-2022-23088
802.11
beacon
ieee
802.11s
mesh id
heap-allocated buffer
freebsd
wi-fi
scanning mode
remote code execution
nvd
The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer.
While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution.
CNA Affected
[
{
"defaultStatus": "unknown",
"modules": [
"net80211"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p1",
"status": "affected",
"version": "13.1-RC1",
"versionType": "release"
},
{
"lessThan": "p11",
"status": "affected",
"version": "13.0-RELEASE",
"versionType": "release"
},
{
"lessThan": "p5",
"status": "affected",
"version": "12.3-RELEASE",
"versionType": "release"
}
]
}
]Social References
More
Related
freebsd
freebsd
FreeBSD -- 802.11 heap buffer overflow
2022-04-06 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2022-23088 802.11 heap buffer overflow
2024-02-15 05:03:38
nvd
nvd
CVE-2022-23088
2024-02-15 05:15:09
zdi
zdi
freebsd_advisory
freebsd_advisory
FreeBSD-SA-22:07.wifi_meshid
2022-04-06 00:00:00
prion
prion
Heap overflow
2024-02-15 05:15:00