CVE-2022-49309

Feb. 26, 2025, 7:01 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback() There is a deadlock in rtw_surveydone_event_callback(), which is shown below: (Thread 1) | (Thread 2) | _set_timer() rtw_surveydone_event_callback()| mod_timer() spin_lock_bh() //(1) | (wait a time) ... | rtw_scan_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (wait timer to stop) | ... We hold pmlmepriv->lock in position (1) of thread 1 and use del_timer_sync() to wait timer to stop, but timer handler also need pmlmepriv->lock in position (2) of thread 2. As a result, rtw_surveydone_event_callback() will block forever. This patch extracts del_timer_sync() from the protection of spin_lock_bh(), which could let timer handler to obtain the needed lock. What`s more, we change spin_lock_bh() in rtw_scan_timeout_handler() to spin_lock_irq(). Otherwise, spin_lock_bh() will also cause deadlock() in timer handler.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/2c41f5c341853f84b7bc2f32605d4e2782e8c279
https://git.kernel.org/stable/c/cc7ad0d77b51c872d629bcd98aea463a3c4109e7
https://git.kernel.org/stable/c/ce129d3efd181da5fd56f4360cc8827122afa67e
https://git.kernel.org/stable/c/f89f6c3ebf69623b8ea48200bd690e9e210335a1

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-02-26
CVE-2022-49309

Timeline

Published: Feb. 26, 2025, 7:01 a.m.
Last Modified: Feb. 26, 2025, 7:01 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.