{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T08:39:24.157","vulnerabilities":[{"cve":{"id":"CVE-2022-49311","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-02-26T07:01:07.887","lastModified":"2025-10-01T20:16:04.783","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()\n\nThere is a deadlock in rtw_joinbss_event_prehandle(), which is shown\nbelow:\n\n   (Thread 1)                |      (Thread 2)\n                             | _set_timer()\nrtw_joinbss_event_prehandle()|  mod_timer()\n spin_lock_bh() //(1)        |  (wait a time)\n ...                         | _rtw_join_timeout_handler()\n del_timer_sync()            |  spin_lock_bh() //(2)\n (wait timer to stop)        |  ...\n\nWe hold pmlmepriv->lock in position (1) of thread 1 and\nuse del_timer_sync() to wait timer to stop, but timer handler\nalso need pmlmepriv->lock in position (2) of thread 2.\nAs a result, rtw_joinbss_event_prehandle() will block forever.\n\nThis patch extracts del_timer_sync() from the protection of\nspin_lock_bh(), which could let timer handler to obtain\nthe needed lock. What`s more, we change spin_lock_bh() to\nspin_lock_irq() in _rtw_join_timeout_handler() in order to\nprevent deadlock."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drivers: staging: rtl8192bs: Corregir bloqueo en rtw_joinbss_event_prehandle() Hay un bloqueo en rtw_joinbss_event_prehandle(), que se muestra a continuación: (Hilo 1) | (Hilo 2) | _set_timer() rtw_joinbss_event_prehandle()| mod_timer() spin_lock_bh() //(1) | (esperar un tiempo) ... | _rtw_join_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (esperar a que el temporizador se detenga) | ... Mantenemos pmlmepriv->lock en la posición (1) del hilo 1 y usamos del_timer_sync() para esperar a que el temporizador se detenga, pero el controlador del temporizador también necesita pmlmepriv->lock en la posición (2) del hilo 2. Como resultado, rtw_joinbss_event_prehandle() se bloqueará para siempre. Este parche extrae del_timer_sync() de la protección de spin_lock_bh(), lo que podría permitir que el controlador del temporizador obtenga el bloqueo necesario. Además, cambiamos spin_lock_bh() por spin_lock_irq() en _rtw_join_timeout_handler() para evitar el bloqueo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-667"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-667"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.47","matchCriteriaId":"30EAD0EB-B3D1-4A88-A3D8-4F8242E81A01"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.17.15","matchCriteriaId":"53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"5.18.4","matchCriteriaId":"FA6D643C-6D6A-4821-8A8D-B5776B8F0103"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/041879b12ddb0c6c83ed9c0bdd10dc82a056f2fc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1f6c99b94ca3caad346876b3e22e3ca3d25bc8ee","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ae60744d5fad840b9d056d35b4b652d95e755846","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eca9748d9267a38d532464e3305a38629e9c35a9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}