{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2022-49123", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T01:49:39.265Z", "datePublished": "2025-02-26T01:55:02.697Z", "dateUpdated": "2026-05-11T18:53:36.446Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T18:53:36.446Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: Fix frames flush failure caused by deadlock\n\nWe are seeing below warnings:\n\nkernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0\n\nthis means ath11k fails to flush mgmt. frames because wmi_mgmt_tx_work\nhas no chance to run in 5 seconds.\n\nBy setting /proc/sys/kernel/hung_task_timeout_secs to 20 and increasing\nATH11K_FLUSH_TIMEOUT to 50 we get below warnings:\n\nkernel: [ 120.763160] INFO: task wpa_supplicant:924 blocked for more than 20 seconds.\nkernel: [ 120.763169] Not tainted 5.10.90 #12\nkernel: [ 120.763177] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nkernel: [ 120.763186] task:wpa_supplicant state:D stack: 0 pid: 924 ppid: 1 flags:0x000043a0\nkernel: [ 120.763201] Call Trace:\nkernel: [ 120.763214] __schedule+0x785/0x12fa\nkernel: [ 120.763224] ? lockdep_hardirqs_on_prepare+0xe2/0x1bb\nkernel: [ 120.763242] schedule+0x7e/0xa1\nkernel: [ 120.763253] schedule_timeout+0x98/0xfe\nkernel: [ 120.763266] ? run_local_timers+0x4a/0x4a\nkernel: [ 120.763291] ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k 13c3a9bf37790f4ac8103b3decf7ab4008ac314a]\nkernel: [ 120.763306] ? init_wait_entry+0x2e/0x2e\nkernel: [ 120.763343] __ieee80211_flush_queues+0x167/0x21f [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763378] __ieee80211_recalc_idle+0x105/0x125 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763411] ieee80211_recalc_idle+0x14/0x27 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763441] ieee80211_free_chanctx+0x77/0xa2 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763473] __ieee80211_vif_release_channel+0x100/0x131 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763540] ieee80211_vif_release_channel+0x66/0x81 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763572] ieee80211_destroy_auth_data+0xa3/0xe6 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763612] ieee80211_mgd_deauth+0x178/0x29b [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763654] cfg80211_mlme_deauth+0x1a8/0x22c [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763697] nl80211_deauthenticate+0xfa/0x123 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763715] genl_rcv_msg+0x392/0x3c2\nkernel: [ 120.763750] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763782] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763802] ? genl_rcv+0x36/0x36\nkernel: [ 120.763814] netlink_rcv_skb+0x89/0xf7\nkernel: [ 120.763829] genl_rcv+0x28/0x36\nkernel: [ 120.763840] netlink_unicast+0x179/0x24b\nkernel: [ 120.763854] netlink_sendmsg+0x393/0x401\nkernel: [ 120.763872] sock_sendmsg+0x72/0x76\nkernel: [ 120.763886] ____sys_sendmsg+0x170/0x1e6\nkernel: [ 120.763897] ? copy_msghdr_from_user+0x7a/0xa2\nkernel: [ 120.763914] ___sys_sendmsg+0x95/0xd1\nkernel: [ 120.763940] __sys_sendmsg+0x85/0xbf\nkernel: [ 120.763956] do_syscall_64+0x43/0x55\nkernel: [ 120.763966] entry_SYSCALL_64_after_hwframe+0x44/0xa9\nkernel: [ 120.763977] RIP: 0033:0x79089f3fcc83\nkernel: [ 120.763986] RSP: 002b:00007ffe604f0508 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nkernel: [ 120.763997] RAX: ffffffffffffffda RBX: 000059b40e987690 RCX: 000079089f3fcc83\nkernel: [ 120.764006] RDX: 0000000000000000 RSI: 00007ffe604f0558 RDI: 0000000000000009\nkernel: [ 120.764014] RBP: 00007ffe604f0540 R08: 0000000000000004 R09: 0000000000400000\nkernel: [ 120.764023] R10: 00007ffe604f0638 R11: 0000000000000246 R12: 000059b40ea04980\nkernel: [ 120.764032] R13: 00007ffe604\n---truncated---"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ath/ath11k/mac.c"], "versions": [{"version": "d5c65159f2895379e11ca13f62feabe93278985d", "lessThan": "33e723dc054edfc94da90eecca3b72cb424ce4a3", "status": "affected", "versionType": "git"}, {"version": "d5c65159f2895379e11ca13f62feabe93278985d", "lessThan": "261b07519518bd14cb168b287b17e1d195f8d0c8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ath/ath11k/mac.c"], "versions": [{"version": "5.6", "status": "affected"}, {"version": "0", "lessThan": "5.6", "status": "unaffected", "versionType": "semver"}, {"version": "5.17.3", "lessThanOrEqual": "5.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.18", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "5.17.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "5.18"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/33e723dc054edfc94da90eecca3b72cb424ce4a3"}, {"url": "https://git.kernel.org/stable/c/261b07519518bd14cb168b287b17e1d195f8d0c8"}], "title": "ath11k: Fix frames flush failure caused by deadlock", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-49123", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T19:48:35.704983Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-667", "description": "CWE-667 Improper Locking"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T19:57:03.659Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-49123", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T19:48:35.704983Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-667", "description": "CWE-667 Improper Locking"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T16:06:17.067Z"}}], "cna": {"title": "ath11k: Fix frames flush failure caused by deadlock", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d5c65159f2895379e11ca13f62feabe93278985d", "lessThan": "33e723dc054edfc94da90eecca3b72cb424ce4a3", "versionType": "git"}, {"status": "affected", "version": "d5c65159f2895379e11ca13f62feabe93278985d", "lessThan": "261b07519518bd14cb168b287b17e1d195f8d0c8", "versionType": "git"}], "programFiles": ["drivers/net/wireless/ath/ath11k/mac.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.6"}, {"status": "unaffected", "version": "0", "lessThan": "5.6", "versionType": "semver"}, {"status": "unaffected", "version": "5.17.3", "versionType": "semver", "lessThanOrEqual": "5.17.*"}, {"status": "unaffected", "version": "5.18", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/wireless/ath/ath11k/mac.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/33e723dc054edfc94da90eecca3b72cb424ce4a3"}, {"url": "https://git.kernel.org/stable/c/261b07519518bd14cb168b287b17e1d195f8d0c8"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: Fix frames flush failure caused by deadlock\n\nWe are seeing below warnings:\n\nkernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0\n\nthis means ath11k fails to flush mgmt. frames because wmi_mgmt_tx_work\nhas no chance to run in 5 seconds.\n\nBy setting /proc/sys/kernel/hung_task_timeout_secs to 20 and increasing\nATH11K_FLUSH_TIMEOUT to 50 we get below warnings:\n\nkernel: [ 120.763160] INFO: task wpa_supplicant:924 blocked for more than 20 seconds.\nkernel: [ 120.763169] Not tainted 5.10.90 #12\nkernel: [ 120.763177] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nkernel: [ 120.763186] task:wpa_supplicant state:D stack: 0 pid: 924 ppid: 1 flags:0x000043a0\nkernel: [ 120.763201] Call Trace:\nkernel: [ 120.763214] __schedule+0x785/0x12fa\nkernel: [ 120.763224] ? lockdep_hardirqs_on_prepare+0xe2/0x1bb\nkernel: [ 120.763242] schedule+0x7e/0xa1\nkernel: [ 120.763253] schedule_timeout+0x98/0xfe\nkernel: [ 120.763266] ? run_local_timers+0x4a/0x4a\nkernel: [ 120.763291] ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k 13c3a9bf37790f4ac8103b3decf7ab4008ac314a]\nkernel: [ 120.763306] ? init_wait_entry+0x2e/0x2e\nkernel: [ 120.763343] __ieee80211_flush_queues+0x167/0x21f [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763378] __ieee80211_recalc_idle+0x105/0x125 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763411] ieee80211_recalc_idle+0x14/0x27 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763441] ieee80211_free_chanctx+0x77/0xa2 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763473] __ieee80211_vif_release_channel+0x100/0x131 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763540] ieee80211_vif_release_channel+0x66/0x81 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763572] ieee80211_destroy_auth_data+0xa3/0xe6 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763612] ieee80211_mgd_deauth+0x178/0x29b [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763654] cfg80211_mlme_deauth+0x1a8/0x22c [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763697] nl80211_deauthenticate+0xfa/0x123 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763715] genl_rcv_msg+0x392/0x3c2\nkernel: [ 120.763750] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763782] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763802] ? genl_rcv+0x36/0x36\nkernel: [ 120.763814] netlink_rcv_skb+0x89/0xf7\nkernel: [ 120.763829] genl_rcv+0x28/0x36\nkernel: [ 120.763840] netlink_unicast+0x179/0x24b\nkernel: [ 120.763854] netlink_sendmsg+0x393/0x401\nkernel: [ 120.763872] sock_sendmsg+0x72/0x76\nkernel: [ 120.763886] ____sys_sendmsg+0x170/0x1e6\nkernel: [ 120.763897] ? copy_msghdr_from_user+0x7a/0xa2\nkernel: [ 120.763914] ___sys_sendmsg+0x95/0xd1\nkernel: [ 120.763940] __sys_sendmsg+0x85/0xbf\nkernel: [ 120.763956] do_syscall_64+0x43/0x55\nkernel: [ 120.763966] entry_SYSCALL_64_after_hwframe+0x44/0xa9\nkernel: [ 120.763977] RIP: 0033:0x79089f3fcc83\nkernel: [ 120.763986] RSP: 002b:00007ffe604f0508 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nkernel: [ 120.763997] RAX: ffffffffffffffda RBX: 000059b40e987690 RCX: 000079089f3fcc83\nkernel: [ 120.764006] RDX: 0000000000000000 RSI: 00007ffe604f0558 RDI: 0000000000000009\nkernel: [ 120.764014] RBP: 00007ffe604f0540 R08: 0000000000000004 R09: 0000000000400000\nkernel: [ 120.764023] R10: 00007ffe604f0638 R11: 0000000000000246 R12: 000059b40ea04980\nkernel: [ 120.764032] R13: 00007ffe604\n---truncated---"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.17.3", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.18", "versionStartIncluding": "5.6"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T18:53:36.446Z"}}}, "cveMetadata": {"cveId": "CVE-2022-49123", "state": "PUBLISHED", "dateUpdated": "2026-05-11T18:53:36.446Z", "dateReserved": "2025-02-26T01:49:39.265Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2025-02-26T01:55:02.697Z", "assignerShortName": "Linux"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "68AC7372-D098-4584-A82A-1F7CD731042F", "versionEndExcluding": "5.17.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: Fix frames flush failure caused by deadlock\n\nWe are seeing below warnings:\n\nkernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0\n\nthis means ath11k fails to flush mgmt. frames because wmi_mgmt_tx_work\nhas no chance to run in 5 seconds.\n\nBy setting /proc/sys/kernel/hung_task_timeout_secs to 20 and increasing\nATH11K_FLUSH_TIMEOUT to 50 we get below warnings:\n\nkernel: [ 120.763160] INFO: task wpa_supplicant:924 blocked for more than 20 seconds.\nkernel: [ 120.763169] Not tainted 5.10.90 #12\nkernel: [ 120.763177] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nkernel: [ 120.763186] task:wpa_supplicant state:D stack: 0 pid: 924 ppid: 1 flags:0x000043a0\nkernel: [ 120.763201] Call Trace:\nkernel: [ 120.763214] __schedule+0x785/0x12fa\nkernel: [ 120.763224] ? lockdep_hardirqs_on_prepare+0xe2/0x1bb\nkernel: [ 120.763242] schedule+0x7e/0xa1\nkernel: [ 120.763253] schedule_timeout+0x98/0xfe\nkernel: [ 120.763266] ? run_local_timers+0x4a/0x4a\nkernel: [ 120.763291] ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k 13c3a9bf37790f4ac8103b3decf7ab4008ac314a]\nkernel: [ 120.763306] ? init_wait_entry+0x2e/0x2e\nkernel: [ 120.763343] __ieee80211_flush_queues+0x167/0x21f [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763378] __ieee80211_recalc_idle+0x105/0x125 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763411] ieee80211_recalc_idle+0x14/0x27 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763441] ieee80211_free_chanctx+0x77/0xa2 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763473] __ieee80211_vif_release_channel+0x100/0x131 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763540] ieee80211_vif_release_channel+0x66/0x81 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763572] ieee80211_destroy_auth_data+0xa3/0xe6 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763612] ieee80211_mgd_deauth+0x178/0x29b [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763654] cfg80211_mlme_deauth+0x1a8/0x22c [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763697] nl80211_deauthenticate+0xfa/0x123 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763715] genl_rcv_msg+0x392/0x3c2\nkernel: [ 120.763750] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763782] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763802] ? genl_rcv+0x36/0x36\nkernel: [ 120.763814] netlink_rcv_skb+0x89/0xf7\nkernel: [ 120.763829] genl_rcv+0x28/0x36\nkernel: [ 120.763840] netlink_unicast+0x179/0x24b\nkernel: [ 120.763854] netlink_sendmsg+0x393/0x401\nkernel: [ 120.763872] sock_sendmsg+0x72/0x76\nkernel: [ 120.763886] ____sys_sendmsg+0x170/0x1e6\nkernel: [ 120.763897] ? copy_msghdr_from_user+0x7a/0xa2\nkernel: [ 120.763914] ___sys_sendmsg+0x95/0xd1\nkernel: [ 120.763940] __sys_sendmsg+0x85/0xbf\nkernel: [ 120.763956] do_syscall_64+0x43/0x55\nkernel: [ 120.763966] entry_SYSCALL_64_after_hwframe+0x44/0xa9\nkernel: [ 120.763977] RIP: 0033:0x79089f3fcc83\nkernel: [ 120.763986] RSP: 002b:00007ffe604f0508 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nkernel: [ 120.763997] RAX: ffffffffffffffda RBX: 000059b40e987690 RCX: 000079089f3fcc83\nkernel: [ 120.764006] RDX: 0000000000000000 RSI: 00007ffe604f0558 RDI: 0000000000000009\nkernel: [ 120.764014] RBP: 00007ffe604f0540 R08: 0000000000000004 R09: 0000000000400000\nkernel: [ 120.764023] R10: 00007ffe604f0638 R11: 0000000000000246 R12: 000059b40ea04980\nkernel: [ 120.764032] R13: 00007ffe604\n---truncated---"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ath11k: Se corrige el error de vaciado de marcos causado por un bloqueo Vemos las siguientes advertencias: kernel: [25393.301506] ath11k_pci 0000:01:00.0: no se pudo vaciar la cola de transmisi\u00f3n mgmt 0 kernel: [25398.421509] ath11k_pci 0000:01:00.0: no se pudo vaciar la cola de transmisi\u00f3n mgmt 0 kernel: [25398.421831] ath11k_pci 0000:01:00.0: descartando marco mgmt para vdev 0, is_started 0 esto significa que ath11k no puede vaciar los marcos mgmt porque wmi_mgmt_tx_work no tiene posibilidad de ejecutarse en 5 segundos. Al establecer /proc/sys/kernel/hung_task_timeout_secs en 20 y aumentar ATH11K_FLUSH_TIMEOUT a 50 obtenemos las siguientes advertencias: kernel: [ 120.763160] INFO: tarea wpa_supplicant:924 bloqueada por m\u00e1s de 20 segundos. kernel: [ 120.763169] No contaminado 5.10.90 #12 kernel: [ 120.763177] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" deshabilita este mensaje. kernel: [ 120.763186] tarea:wpa_supplicant estado:D pila: 0 pid: 924 ppid: 1 indicadores:0x000043a0 kernel: [ 120.763201] Seguimiento de llamadas: kernel: [ 120.763214] __schedule+0x785/0x12fa kernel: [ 120.763224] ? lockdep_hardirqs_on_prepare+0xe2/0x1bb kernel: [ 120.763242] schedule+0x7e/0xa1 kernel: [ 120.763253] schedule_timeout+0x98/0xfe kernel: [ 120.763266] ? run_local_timers+0x4a/0x4a kernel: [ 120.763291] ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k 13c3a9bf37790f4ac8103b3decf7ab4008ac314a] kernel: [ 120.763306] ? init_wait_entry+0x2e/0x2e kernel: [ 120.763343] __ieee80211_flush_queues+0x167/0x21f [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763378] __ieee80211_recalc_idle+0x105/0x125 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763411] ieee80211_recalc_idle+0x14/0x27 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763441] ieee80211_free_chanctx+0x77/0xa2 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763473] __ieee80211_vif_release_channel+0x100/0x131 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763540] ieee80211_vif_release_channel+0x66/0x81 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763572] ieee80211_destroy_auth_data+0xa3/0xe6 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763612] ieee80211_mgd_deauth+0x178/0x29b [mac80211 335da900954f1c5ea7f1613d92088ce83342042c] kernel: [ 120.763654] cfg80211_mlme_deauth+0x1a8/0x22c [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be] kernel: [ 120.763697] nl80211_deauthenticate+0xfa/0x123 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be] kernel: [ 120.763715] genl_rcv_msg+0x392/0x3c2 kernel: [ 120.763750] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be] kernel: [ 120.763782] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be] kernel: [ 120.763802] ? genl_rcv+0x36/0x36 kernel: [ 120.763814] netlink_rcv_skb+0x89/0xf7 kernel: [ 120.763829] genl_rcv+0x28/0x36 kernel: [ 120.763840] netlink_unicast+0x179/0x24b kernel: [ 120.763854] netlink_sendmsg+0x393/0x401 kernel: [ 120.763872] sock_sendmsg+0x72/0x76 kernel: [ 120.763886] ____sys_sendmsg+0x170/0x1e6 kernel: [ 120.763897] ? copy_msghdr_from_user+0x7a/0xa2 kernel: [ 120.763914] ___sys_sendmsg+0x95/0xd1 kernel: [ 120.763940] __sys_sendmsg+0x85/0xbf kernel: [ 120.763956] do_syscall_64+0x43/0x55 kernel: [ 120.763966] entry_SYSCALL_64_after_hwframe+0x44/0xa9 kernel: [ 120.763977] RIP: 0033:0x79089f3fcc83 kernel: [ 120.763986] RSP: 002b:00007ffe604f0508 EFLAGS: 00000246 ORIG_RAX: 000000000000002e n\u00facleo: [ 120.763997] RAX: ffffffffffffffda RBX: 000059b40e987690 RCX: 000079089f3fcc83 n\u00facleo: [ 120.764006] RDX: 0000000000000000 RSI: 00007ffe604f0558 RDI: 0000000000000009 n\u00facleo: [ 120.764014] RBP: 00007ffe604f0540 R08: 0000000000000004 R09: 0000000000400000 n\u00facleo: [ 120.764023] R10: 00007ffe604f0638 R11: 0000000000000246 R12: 000059b40ea04980 n\u00facleo: [ 120.764032] R13: 00007ffe604 ---truncado---"}], "id": "CVE-2022-49123", "lastModified": "2025-10-01T20:15:48.900", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-02-26T07:00:49.640", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/261b07519518bd14cb168b287b17e1d195f8d0c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/33e723dc054edfc94da90eecca3b72cb424ce4a3"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-667"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2022:7683", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-425.3.1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}], "bugzilla": {"description": "kernel: ath11k: Fix frames flush failure caused by deadlock", "id": "2348213", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348213"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-667", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nath11k: Fix frames flush failure caused by deadlock\nWe are seeing below warnings:\nkernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0\nthis means ath11k fails to flush mgmt. frames because wmi_mgmt_tx_work\nhas no chance to run in 5 seconds.\nBy setting /proc/sys/kernel/hung_task_timeout_secs to 20 and increasing\nATH11K_FLUSH_TIMEOUT to 50 we get below warnings:\nkernel: [ 120.763160] INFO: task wpa_supplicant:924 blocked for more than 20 seconds.\nkernel: [ 120.763169] Not tainted 5.10.90 #12\nkernel: [ 120.763177] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nkernel: [ 120.763186] task:wpa_supplicant state:D stack: 0 pid: 924 ppid: 1 flags:0x000043a0\nkernel: [ 120.763201] Call Trace:\nkernel: [ 120.763214] __schedule+0x785/0x12fa\nkernel: [ 120.763224] ? lockdep_hardirqs_on_prepare+0xe2/0x1bb\nkernel: [ 120.763242] schedule+0x7e/0xa1\nkernel: [ 120.763253] schedule_timeout+0x98/0xfe\nkernel: [ 120.763266] ? run_local_timers+0x4a/0x4a\nkernel: [ 120.763291] ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k 13c3a9bf37790f4ac8103b3decf7ab4008ac314a]\nkernel: [ 120.763306] ? init_wait_entry+0x2e/0x2e\nkernel: [ 120.763343] __ieee80211_flush_queues+0x167/0x21f [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763378] __ieee80211_recalc_idle+0x105/0x125 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763411] ieee80211_recalc_idle+0x14/0x27 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763441] ieee80211_free_chanctx+0x77/0xa2 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763473] __ieee80211_vif_release_channel+0x100/0x131 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763540] ieee80211_vif_release_channel+0x66/0x81 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763572] ieee80211_destroy_auth_data+0xa3/0xe6 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763612] ieee80211_mgd_deauth+0x178/0x29b [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [ 120.763654] cfg80211_mlme_deauth+0x1a8/0x22c [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763697] nl80211_deauthenticate+0xfa/0x123 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763715] genl_rcv_msg+0x392/0x3c2\nkernel: [ 120.763750] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763782] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [ 120.763802] ? genl_rcv+0x36/0x36\nkernel: [ 120.763814] netlink_rcv_skb+0x89/0xf7\nkernel: [ 120.763829] genl_rcv+0x28/0x36\nkernel: [ 120.763840] netlink_unicast+0x179/0x24b\nkernel: [ 120.763854] netlink_sendmsg+0x393/0x401\nkernel: [ 120.763872] sock_sendmsg+0x72/0x76\nkernel: [ 120.763886] ____sys_sendmsg+0x170/0x1e6\nkernel: [ 120.763897] ? copy_msghdr_from_user+0x7a/0xa2\nkernel: [ 120.763914] ___sys_sendmsg+0x95/0xd1\nkernel: [ 120.763940] __sys_sendmsg+0x85/0xbf\nkernel: [ 120.763956] do_syscall_64+0x43/0x55\nkernel: [ 120.763966] entry_SYSCALL_64_after_hwframe+0x44/0xa9\nkernel: [ 120.763977] RIP: 0033:0x79089f3fcc83\nkernel: [ 120.763986] RSP: 002b:00007ffe604f0508 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nkernel: [ 120.763997] RAX: ffffffffffffffda RBX: 000059b40e987690 RCX: 000079089f3fcc83\nkernel: [ 120.764006] RDX: 0000000000000000 RSI: 00007ffe604f0558 RDI: 0000000000000009\nkernel: [ 120.764014] RBP: 00007ffe604f0540 R08: 0000000000000004 R09: 0000000000400000\nkernel: [ 120.764023] R10: 00007ffe604f0638 R11: 0000000000000246 R12: 000059b40ea04980\nkernel: [ 120.764032] R13: 00007ffe604\n---truncated---"], "name": "CVE-2022-49123", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49123\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49123\nhttps://lore.kernel.org/linux-cve-announce/2025022604-CVE-2022-49123-8a84@gregkh/T"], "threat_severity": "Moderate"}

{}