CVE-2022-49305

MEDIUM EPSS 8.5%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() There is a deadlock in ieee80211_beacons_stop(), which is shown below: (Thread 1) | (Thread 2) | ieee80211_send_beacon() ieee80211_beacons_stop() | mod_timer() spin_lock_irqsave() //(1) | (wait a time) ... | ieee80211_send_beacon_cb() del_timer_sync() | spin_lock_irqsave() //(2) (wait timer to stop) | ... We hold ieee->beacon_lock in position (1) of thread 1 and use del_timer_sync() to wait timer to stop, but timer handler also need ieee->beacon_lock in position (2) of thread 2. As a result, ieee80211_beacons_stop() will block forever. This patch extracts del_timer_sync() from the protection of spin_lock_irqsave(), which could let timer handler to obtain the needed lock.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel* <4.19.247
linuxlinux_kernel*≥4.20  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.122
linuxlinux_kernel*≥5.11  –  <5.15.47
linuxlinux_kernel*≥5.16  –  <5.17.15
linuxlinux_kernel*≥5.18  –  <5.18.4

References 7

  • git.kernel.org https://git.kernel.org/stable/c/042915c1bfedd684c1d98a841794ee203200571a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1fbe033c52480f7954c057510040fa6286c4ea25
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/66f769762f65d957f688f3258755c6ec410bf710
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/806c7b53414934ba2a39449b31fd1a038e500273
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b34cb54923a6e5ddefbaf358c85c922c6ab456e2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b465bb2ebf666116c1ac745cb80c65154dc0d27e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ffc9cab7243f8151be37966301307bfd3cda2db3
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/042915c1bfedd684c1d98a841794ee203200571a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1fbe033c52480f7954c057510040fa6286c4ea25
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/66f769762f65d957f688f3258755c6ec410bf710
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/806c7b53414934ba2a39449b31fd1a038e500273
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b34cb54923a6e5ddefbaf358c85c922c6ab456e2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b465bb2ebf666116c1ac745cb80c65154dc0d27e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ffc9cab7243f8151be37966301307bfd3cda2db3
    Patch