CVE-2022-49941

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.10.137

Description A problem has been identified in the Linux kernel where a sleeping function is called from an invalid context. This issue occurs when the console lock() function is called while holding a spinlock, which can lead to a bug. The problem is caused by the gsmld write() function taking a spinlock on TX data and then calling con write(), which in turn calls console lock(). Since console lock() might sleep, it should not be called with a spinlock held. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the patch replacing the tx lock spinlock with a mutex. At the moment, there is no information about a newer version that contains a fix for this vulnerability.