← back
CVE-2022-50358

brcmfmac: return error when getting invalid max_flowrings from dongle

CVSS 4.2 MEDIUMEPSS 0.3%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.2EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Sep 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doing iowrite to initialize dongle ring. To detect this error at early stage, we directly return error when getting invalid max_flowrings(>256).
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
Linux · Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://git.kernel.org/stable/c/10c4b63d09a5b0ebf1b61af1dae7f25555cf58b6https://git.kernel.org/stable/c/200347eb3b2608cc8b54c13dd1d5e03809ba2eb2https://git.kernel.org/stable/c/2aca4f3734bd717e04943ddf340d49ab62299a00https://git.kernel.org/stable/c/2e8bb402b060a6c22160de3d72cee057698177c8https://git.kernel.org/stable/c/3cc9299036bdb647408e11e41de3eb1ff6d428cdhttps://git.kernel.org/stable/c/87f126b25fa8562196f0f4c0aa46a446026199bf