CVE-2022-49129

Summary

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7921: fix crash when startup fails.

If the nic fails to start, it is possible that the reset_work has already been scheduled. Ensure the work item is canceled so we do not have use-after-free crash in case cleanup is called before the work item is executed.

This fixes crash on my x86_64 apu2 when mt7921k radio fails to work. Radio still fails, but OS does not crash.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe0f9fdda81bd32371ddac9222487e612027d8de2 < 38fbe806645090c07aa97171f20fc62c3d7d3a98affected
LinuxLinuxe0f9fdda81bd32371ddac9222487e612027d8de2 < c1a5e6002ec441a3b9fb4d048b4b49ae93409a46affected
LinuxLinuxe0f9fdda81bd32371ddac9222487e612027d8de2 < ac1260b661c2ef0d0a56680cdb5672b931b7be8faffected
LinuxLinuxe0f9fdda81bd32371ddac9222487e612027d8de2 < 827e7799c61b978fbc2cc9dac66cb62401b2b3f0affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.34 <= 5.15.*unaffected
LinuxLinux5.16.20 <= 5.16.*unaffected
LinuxLinux5.17.3 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References