Executive Summary

Informations
Name CVE-2022-49305 First vendor Publication 2025-02-26
Vendor Cve Last vendor Modification 2025-04-14

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 5.5
Base Score 5.5 Environmental Score 5.5
impact SubScore 3.6 Temporal Score 5.5
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()

There is a deadlock in ieee80211_beacons_stop(), which is shown below:

(Thread 1) | (Thread 2)
| ieee80211_send_beacon() ieee80211_beacons_stop() | mod_timer()
spin_lock_irqsave() //(1) | (wait a time)
... | ieee80211_send_beacon_cb()
del_timer_sync() | spin_lock_irqsave() //(2)
(wait timer to stop) | ...

We hold ieee->beacon_lock in position (1) of thread 1 and use del_timer_sync() to wait timer to stop, but timer handler also need ieee->beacon_lock in position (2) of thread 2. As a result, ieee80211_beacons_stop() will block forever.

This patch extracts del_timer_sync() from the protection of spin_lock_irqsave(), which could let timer handler to obtain the needed lock.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49305

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-667 Insufficient Locking

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Os 3539

Sources (Detail)

https://git.kernel.org/stable/c/042915c1bfedd684c1d98a841794ee203200571a
https://git.kernel.org/stable/c/1fbe033c52480f7954c057510040fa6286c4ea25
https://git.kernel.org/stable/c/66f769762f65d957f688f3258755c6ec410bf710
https://git.kernel.org/stable/c/806c7b53414934ba2a39449b31fd1a038e500273
https://git.kernel.org/stable/c/b34cb54923a6e5ddefbaf358c85c922c6ab456e2
https://git.kernel.org/stable/c/b465bb2ebf666116c1ac745cb80c65154dc0d27e
https://git.kernel.org/stable/c/ffc9cab7243f8151be37966301307bfd3cda2db3
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2025-06-26 02:09:30
  • Multiple Updates
2025-06-25 12:22:20
  • Multiple Updates
2025-06-24 02:14:06
  • Multiple Updates
2025-05-27 13:23:25
  • Multiple Updates
2025-05-27 02:10:03
  • Multiple Updates
2025-02-26 17:20:32
  • First insertion