{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-49646","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-02-26T02:21:30.432Z","datePublished":"2025-02-26T02:23:51.083Z","dateUpdated":"2025-06-19T12:56:22.868Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-06-19T12:56:22.868Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix queue selection for mesh/OCB interfaces\n\nWhen using iTXQ, the code assumes that there is only one vif queue for\nbroadcast packets, using the BE queue. Allowing non-BE queue marking\nviolates that assumption and txq->ac == skb_queue_mapping is no longer\nguaranteed. This can cause issues with queue handling in the driver and\nalso causes issues with the recent ATF change, resulting in an AQL\nunderflow warning."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/mac80211/wme.c"],"versions":[{"version":"1974da8b31e6ea9c96c21505ffcb546fa59add23","lessThan":"444be5a02b77f3b7a8ac9c1a0b074fbb3bd89cd0","status":"affected","versionType":"git"},{"version":"1974da8b31e6ea9c96c21505ffcb546fa59add23","lessThan":"e013ea2a51a94b903b396a8dff531a07d470335d","status":"affected","versionType":"git"},{"version":"1974da8b31e6ea9c96c21505ffcb546fa59add23","lessThan":"5a9df31017999197b6e60535940f2f2fe1bd3b0d","status":"affected","versionType":"git"},{"version":"1974da8b31e6ea9c96c21505ffcb546fa59add23","lessThan":"41ecab279a70dced9005f4d55fa0fcde8938603f","status":"affected","versionType":"git"},{"version":"1974da8b31e6ea9c96c21505ffcb546fa59add23","lessThan":"50e2ab39291947b6c6c7025cf01707c270fcde59","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/mac80211/wme.c"],"versions":[{"version":"5.2","status":"affected"},{"version":"0","lessThan":"5.2","status":"unaffected","versionType":"semver"},{"version":"5.4.207","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.132","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.56","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.18.13","lessThanOrEqual":"5.18.*","status":"unaffected","versionType":"semver"},{"version":"5.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.4.207"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.10.132"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.15.56"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.18.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/444be5a02b77f3b7a8ac9c1a0b074fbb3bd89cd0"},{"url":"https://git.kernel.org/stable/c/e013ea2a51a94b903b396a8dff531a07d470335d"},{"url":"https://git.kernel.org/stable/c/5a9df31017999197b6e60535940f2f2fe1bd3b0d"},{"url":"https://git.kernel.org/stable/c/41ecab279a70dced9005f4d55fa0fcde8938603f"},{"url":"https://git.kernel.org/stable/c/50e2ab39291947b6c6c7025cf01707c270fcde59"}],"title":"wifi: mac80211: fix queue selection for mesh/OCB interfaces","x_generator":{"engine":"bippy-1.2.0"}}}}