Severity: Unknown
Affected Package: kernel
Summary: Heap overflow in 802.11s Mesh ID beacon handling
The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it into a heap-allocated buffer. A malicious beacon frame could overwrite kernel memory, potentially achieving remote code execution when a MidnightBSD Wi-Fi client is in scanning mode.
No specific recommendations provided.
Aliases: CVE-2022-23088
Published: April 06, 2022
Last Modified: April 06, 2022