CVE-2024-47713

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()<br /> <br /> Since &amp;#39;__dev_queue_xmit()&amp;#39; should be called with interrupts enabled,<br /> the following backtrace:<br /> <br /> ieee80211_do_stop()<br /> ...<br /> spin_lock_irqsave(&amp;local-&gt;queue_stop_reason_lock, flags)<br /> ...<br /> ieee80211_free_txskb()<br /> ieee80211_report_used_skb()<br /> ieee80211_report_ack_skb()<br /> cfg80211_mgmt_tx_status_ext()<br /> nl80211_frame_tx_status()<br /> genlmsg_multicast_netns()<br /> genlmsg_multicast_netns_filtered()<br /> nlmsg_multicast_filtered()<br /> netlink_broadcast_filtered()<br /> do_one_broadcast()<br /> netlink_broadcast_deliver()<br /> __netlink_sendskb()<br /> netlink_deliver_tap()<br /> __netlink_deliver_tap_skb()<br /> dev_queue_xmit()<br /> __dev_queue_xmit() ; with IRQS disabled<br /> ...<br /> spin_unlock_irqrestore(&amp;local-&gt;queue_stop_reason_lock, flags)<br /> <br /> issues the warning (as reported by syzbot reproducer):<br /> <br /> WARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120<br /> <br /> Fix this by implementing a two-phase skb reclamation in<br /> &amp;#39;ieee80211_do_stop()&amp;#39;, where actual work is performed<br /> outside of a section with interrupts disabled.