CVE-2022-23088
CRITICALDescription
The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
References
Frequently Asked Questions
What is CVE-2022-23088? +
How severe is CVE-2022-23088? +
What products are affected by CVE-2022-23088? +
How do I check if I'm vulnerable to CVE-2022-23088? +
Related Vulnerabilities
Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute …
Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.217 , Tabby enables several high-risk Electron Fuses, including …
A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default …
Actual is an open-source personal finance application. In the macOS desktop application version 25.x (built on Electron 39.2.7), the ELECTRON_RUN_AS_NODE …
zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment …
An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021-12-29 release can potentially be …