CVE-2022-49533

UNKNOWN 0.0

ath11k: Change max no of active probe SSID and BSSID to fw capability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 (WLAN_SCAN_PARAMS_MAX_SSID) when registering the driver. The scan_req_params structure only has the capacity to hold 10 SSIDs. This leads to a buffer overflow which can be triggered from wpa_supplicant in userspace. When copying the SSIDs into the scan_req_params structure in the ath11k_mac_op_hw_scan route, it can overwrite the extraie pointer. Firmware supports 16 ssid * 4 bssid, for each ssid 4 bssid combo probe request will be sent, so totally 64 probe requests supported. So set both max ssid and bssid to 16 and 4 respectively. Remove the redundant macros of ssid and bssid. Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.7.0.1-01300-QCAHKSWPL_SILICONZ-1

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 26, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

d5c65159f2895379e11ca13f62feabe93278985d < 210505788f1d243232e21ef660efcd4838890ce8 d5c65159f2895379e11ca13f62feabe93278985d < ec5dfa1d66f2f71a48dab027d26a9fa78eb0f58f d5c65159f2895379e11ca13f62feabe93278985d < 50dc9ce9f80554a88e33b73c30851acf2be36ed3

Linux / Linux

5.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/210505788f1d243232e21ef660efcd4838890ce8 git.kernel.org: https://git.kernel.org/stable/c/ec5dfa1d66f2f71a48dab027d26a9fa78eb0f58f git.kernel.org: https://git.kernel.org/stable/c/50dc9ce9f80554a88e33b73c30851acf2be36ed3