SB20251226145 - Use-after-free in Linux kernel ath ar5523 driver
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251226145
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2022-50716)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ar5523_cmd_tx_cb() and ar5523_cmd() functions in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/340524ae7b53a72cf5d9e7bd7790433422b3b12f
- https://git.kernel.org/stable/c/3eca9697c2f3905dea3ad2fc536ebaa1fbd735bd
- https://git.kernel.org/stable/c/601ae89375033ac4870c086e24ba03f235d38e55
- https://git.kernel.org/stable/c/6447beefd21326a3f4719ec2ea511df797f6c820
- https://git.kernel.org/stable/c/7360b323e0343ea099091d4ae09576dbe1f09516
- https://git.kernel.org/stable/c/8af52492717e3538eba3f81d012b1476af8a89a6
- https://git.kernel.org/stable/c/9aef34e1ae35a87e5f6a22278c17823b7ce64c88
- https://git.kernel.org/stable/c/b6702a942a069c2a975478d719e98d83cdae1797
- https://git.kernel.org/stable/c/c9ba3fbf6a488da6cad1d304c5234bd8d729eba3
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.337