DEBIAN-CVE-2022-49311
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2022-49311
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-49311.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-49311
- Upstream
- Published
- 2025-02-26T07:01:07Z
- Modified
- 2025-09-19T06:07:25Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192bs: Fix deadlock in rtwjoinbsseventprehandle() There is a deadlock in rtwjoinbsseventprehandle(), which is shown below: (Thread 1) | (Thread 2) | settimer() rtwjoinbsseventprehandle()| modtimer() spinlockbh() //(1) | (wait a time) ... | rtwjointimeouthandler() deltimersync() | spinlockbh() //(2) (wait timer to stop) | ... We hold pmlmepriv->lock in position (1) of thread 1 and use deltimersync() to wait timer to stop, but timer handler also need pmlmepriv->lock in position (2) of thread 2. As a result, rtwjoinbsseventprehandle() will block forever. This patch extracts deltimersync() from the protection of spinlockbh(), which could let timer handler to obtain the needed lock. What`s more, we change spinlockbh() to spinlockirq() in _rtwjointimeouthandler() in order to prevent deadlock.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source