History: Feb 15, 2024 - 5:03 a.m.

CVE-2022-23088 802.11 heap buffer overflow

2024-02-15 05:03:38
freebsd
www.cve.org
cve-2022-23088
802.11
buffer overflow
freebsd
wi-fi client
beacon handling
remote code execution
ieee 802.11s mesh id

AI Score: 7.5 High (Confidence: Low)

EPSS: 0.001 Low (Percentile: 28.8%)

The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer.

While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with an SSID), a malicious beacon frame may overwrite kernel memory, leading to remote code execution.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "net80211"
    ],
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "lessThan": "p1",
        "status": "affected",
        "version": "13.1-RC1",
        "versionType": "release"
      },
      {
        "lessThan": "p11",
        "status": "affected",
        "version": "13.0-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "p5",
        "status": "affected",
        "version": "12.3-RELEASE",
        "versionType": "release"
      }
    ]
  }
]
