CVE-2022-49476

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.14-1.fc32.qubes.x86 64

Description A kernel crash issue has been identified in the Linux kernel, specifically in the mt7921 driver. The crash occurs when the mt7921 irq handler function is called while devm free irq is being handled, causing a NULL pointer dereference. This issue is related to the premature freeing of the mt76 device. A crash log has been provided, showing a kernel NULL pointer dereference error.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the mt7921 driver. As a temporary workaround, consider disabling the mt7921 irq handler function until a patch is available. Restrict access to the vulnerable mt76 device to minimize the risk of exploitation. Avoid using the devm free irq function in conjunction with the mt7921 irq handler function until the issue is resolved.