CVE-2022-50533 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-50533 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mlme: fix null-ptr deref on failed assoc If association to an AP without a link 0 fails, then we crash in tracing because it assumes that either ap_mld_addr or link 0 BSS is valid, since we clear sdata->vif.valid_links and then don't add the ap_mld_addr to the struct. Since we clear also sdata->vif.cfg.ap_addr, keep a local copy of it and assign it earlier, before clearing valid_links, to fix this.

EPSS 0.01% · 1.8th percentile

Risk Scores

EPSS Score

0.01%

1.8th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.0, 6.0, 6.0
Linux	Linux	6.0.16, 81151ce462e533551f3284bfdb8e0f461c9220e6, 6.2

Timeline

Oct 7, 2025 CVE Published
Oct 8, 2025 EPSS Score
Oct 14, 2025 EPSS Score
Oct 20, 2025 EPSS Score
Oct 25, 2025 EPSS Score
Oct 31, 2025 EPSS Score
Nov 6, 2025 EPSS Score
Nov 12, 2025 EPSS Score
Nov 18, 2025 EPSS Score
Nov 23, 2025 EPSS Score
Nov 29, 2025 EPSS Score
Dec 5, 2025 EPSS Score

References

Open in Interactive Console →