CVE-2022-49305

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()<br /> <br /> There is a deadlock in ieee80211_beacons_stop(), which is shown below:<br /> <br /> (Thread 1) | (Thread 2)<br /> | ieee80211_send_beacon()<br /> ieee80211_beacons_stop() | mod_timer()<br /> spin_lock_irqsave() //(1) | (wait a time)<br /> ... | ieee80211_send_beacon_cb()<br /> del_timer_sync() | spin_lock_irqsave() //(2)<br /> (wait timer to stop) | ...<br /> <br /> We hold ieee-&gt;beacon_lock in position (1) of thread 1 and use<br /> del_timer_sync() to wait timer to stop, but timer handler<br /> also need ieee-&gt;beacon_lock in position (2) of thread 2.<br /> As a result, ieee80211_beacons_stop() will block forever.<br /> <br /> This patch extracts del_timer_sync() from the protection of<br /> spin_lock_irqsave(), which could let timer handler to obtain<br /> the needed lock.