CVE-2022-50533
BaseFortify
Publication date: 2025-10-07
Last updated on: 2026-03-17
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a null-pointer dereference in the Linux kernel's wifi mac80211 mlme component. It occurs when association to an access point (AP) without a link 0 fails. The system crashes because it incorrectly assumes that either the ap_mld_addr or link 0 BSS is valid, but these are not properly set due to clearing of valid_links and ap_addr without preserving necessary values. The fix involves keeping a local copy of ap_addr and assigning it before clearing valid_links to prevent the crash.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash during wifi association failures, leading to system instability or denial of service. This could disrupt network connectivity and affect the availability of systems relying on wifi connections.