vulnerability

FreeBSD: VID-d4cc994f-b61d-11ec-9ebc-1c697aa5a594 (CVE-2022-23088): FreeBSD -- 802.11 heap buffer overflow

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Apr 7, 2022	Nov 4, 2022	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Apr 7, 2022

Added

Nov 4, 2022

Modified

Dec 10, 2025

Description

Problem Description: The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. Impact: While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution.

Solutions

freebsd-upgrade-base-13_0-release-p11freebsd-upgrade-base-12_3-release-p5

References

CVE-2022-23088
https://attackerkb.com/topics/CVE-2022-23088
CWE-94

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today