CVE-2022-48784

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a race condition in the Linux kernel, specifically in the cfg80211 component. This condition can occur when cfg80211 destroy ifaces() runs while nl80211 netlink notify() is still marking some interfaces as nl owner dead. The problem arises from having two loops: one for closing netdevs and another for destroying them. If there are two netdevs, the first one can be closed during the first iteration, and then during the second iteration, the code may try to destroy both, including the one that was not closed yet. This can lead to a deadlock. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.