DEBIAN-CVE-2022-49309
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2022-49309
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-49309.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-49309
- Upstream
- Published
- 2025-02-26T07:01:07Z
- Modified
- 2025-09-19T07:32:38.889659Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix deadlock in rtwsurveydoneeventcallback() There is a deadlock in rtwsurveydoneeventcallback(), which is shown below: (Thread 1) | (Thread 2) | settimer() rtwsurveydoneeventcallback()| modtimer() spinlockbh() //(1) | (wait a time) ... | rtwscantimeouthandler() deltimersync() | spinlockbh() //(2) (wait timer to stop) | ... We hold pmlmepriv->lock in position (1) of thread 1 and use deltimersync() to wait timer to stop, but timer handler also need pmlmepriv->lock in position (2) of thread 2. As a result, rtwsurveydoneeventcallback() will block forever. This patch extracts deltimersync() from the protection of spinlockbh(), which could let timer handler to obtain the needed lock. What`s more, we change spinlockbh() in rtwscantimeouthandler() to spinlockirq(). Otherwise, spinlock_bh() will also cause deadlock() in timer handler.
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.237-1
Affected versions
5.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source