CVE-2022-49471

In the Linux kernel, the following vulnerability has been resolved:

rtw89: cfo: check mac_id to avoid out-of-bounds

Somehow, hardware reports incorrect mac_id and pollute memory. Check index before we access the array.

UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of range for type 's32 [64]' CPU: 1 PID: 51550 Comm: irq/35-rtw89pc Tainted: G OE Call Trace: <IRQ> showstack+0x52/0x58 dumpstacklvl+0x4c/0x63 dumpstack+0x10/0x12 ubsanepilogue+0x9/0x45 __ubsanhandleoutofbounds.cold+0x44/0x49 ? __allocskb+0x92/0x1d0 rtw89phycfoparse+0x44/0x7f [rtw89core] rtw89corerx+0x261/0x871 [rtw89core] ? __allocskb+0xee/0x1d0 rtw89pci_napipoll+0x3fa/0x4ea [rtw89pci] __napipoll+0x33/0x1a0 netrx_action+0x126/0x260 ? __queue_work+0x217/0x4c0 __dosoftirq+0xd9/0x315 ? disableirqnosync+0x10/0x10 dosoftirq.part.0+0x6d/0x90 </IRQ> <TASK> _localbhenableip+0x62/0x70 rtw89pciinterruptthreadfn+0x182/0x1a6 [rtw89pci] irqthreadfn+0x28/0x60 irqthread+0xc8/0x190 ? irqthreadfn+0x60/0x60 kthread+0x16b/0x190 ? irqthreadcheckaffinity+0xe0/0xe0 ? setkthreadstruct+0x50/0x50 retfromfork+0x22/0x30 </TASK>