CVE-2024-40912

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-02158-g1b062f552873 #742

Description The issue is related to a deadlock in the ieee80211 sta ps deliver wakeup() function, which is part of the mac80211 component in the Linux kernel. This function takes a lock called sta->ps lock to synchronize with another function called ieee80211 tx h unicast ps buf(), which is called from a softirq context. However, using only spin lock() to get sta->ps lock in ieee80211 sta ps deliver wakeup() does not prevent softirq from executing on the same CPU, leading to a deadlock when it tries to take the same lock. This can cause a denial-of-service condition.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the deadlock in ieee80211 sta ps deliver wakeup(). Specifically, use spin lock bh()/spin unlock bh() instead of spin lock() to prevent softirq from raising on the same CPU that is holding the lock.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.