CVE-2022-49131

{"id": "CVE-2022-49131", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-02-26T07:00:50.393", "references": [{"url": "https://git.kernel.org/stable/c/22b59cb965f79ee1accf83172441c9ca0ecb632a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/38e488db194dc16d2eb23c77c6a8c04ff583c40d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/699e8c87e5c406af0f0606f40eeebd248c51b702", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c4b7653af62a9a5efe2856183d1f987c5429758b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c6a815f5abdf324108799829dd19ea62fef4bf95", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: fix kernel panic during unload/load ath11k modules\n\nCall netif_napi_del() from ath11k_ahb_free_ext_irq() to fix\nthe following kernel panic when unload/load ath11k modules\nfor few iterations.\n\n[ 971.201365] Unable to handle kernel paging request at virtual address 6d97a208\n[ 971.204227] pgd = 594c2919\n[ 971.211478] [6d97a208] *pgd=00000000\n[ 971.214120] Internal error: Oops: 5 [#1] PREEMPT SMP ARM\n[ 971.412024] CPU: 2 PID: 4435 Comm: insmod Not tainted 5.4.89 #0\n[ 971.434256] Hardware name: Generic DT based system\n[ 971.440165] PC is at napi_by_id+0x10/0x40\n[ 971.445019] LR is at netif_napi_add+0x160/0x1dc\n\n[ 971.743127] (napi_by_id) from [<807d89a0>] (netif_napi_add+0x160/0x1dc)\n[ 971.751295] (netif_napi_add) from [<7f1209ac>] (ath11k_ahb_config_irq+0xf8/0x414 [ath11k_ahb])\n[ 971.759164] (ath11k_ahb_config_irq [ath11k_ahb]) from [<7f12135c>] (ath11k_ahb_probe+0x40c/0x51c [ath11k_ahb])\n[ 971.768567] (ath11k_ahb_probe [ath11k_ahb]) from [<80666864>] (platform_drv_probe+0x48/0x94)\n[ 971.779670] (platform_drv_probe) from [<80664718>] (really_probe+0x1c8/0x450)\n[ 971.789389] (really_probe) from [<80664cc4>] (driver_probe_device+0x15c/0x1b8)\n[ 971.797547] (driver_probe_device) from [<80664f60>] (device_driver_attach+0x44/0x60)\n[ 971.805795] (device_driver_attach) from [<806650a0>] (__driver_attach+0x124/0x140)\n[ 971.814822] (__driver_attach) from [<80662adc>] (bus_for_each_dev+0x58/0xa4)\n[ 971.823328] (bus_for_each_dev) from [<80663a2c>] (bus_add_driver+0xf0/0x1e8)\n[ 971.831662] (bus_add_driver) from [<806658a4>] (driver_register+0xa8/0xf0)\n[ 971.839822] (driver_register) from [<8030269c>] (do_one_initcall+0x78/0x1ac)\n[ 971.847638] (do_one_initcall) from [<80392524>] (do_init_module+0x54/0x200)\n[ 971.855968] (do_init_module) from [<803945b0>] (load_module+0x1e30/0x1ffc)\n[ 971.864126] (load_module) from [<803948b0>] (sys_init_module+0x134/0x17c)\n[ 971.871852] (sys_init_module) from [<80301000>] (ret_fast_syscall+0x0/0x50)\n\nTested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.6.0.1-00760-QCAHKSWPL_SILICONZ-1"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ath11k: corrige el p\u00e1nico del kernel durante la descarga/carga de m\u00f3dulos ath11k Llame a netif_napi_del() desde ath11k_ahb_free_ext_irq() para corregir el siguiente p\u00e1nico del kernel al descargar/cargar m\u00f3dulos ath11k durante algunas iteraciones. [ 971.201365] No se puede manejar la solicitud de paginaci\u00f3n del n\u00facleo en la direcci\u00f3n virtual 6d97a208 [ 971.204227] pgd = 594c2919 [ 971.211478] [6d97a208] *pgd=00000000 [ 971.214120] Error interno: Oops: 5 [#1] PREEMPT SMP ARM [ 971.412024] CPU: 2 PID: 4435 Comm: insmod No contaminado 5.4.89 #0 [ 971.434256] Nombre del hardware: Sistema gen\u00e9rico basado en DT [ 971.440165] La PC est\u00e1 en napi_by_id+0x10/0x40 [ 971.445019] LR est\u00e1 en netif_napi_add+0x160/0x1dc [ 971.743127] (napi_by_id) desde [&lt;807d89a0&gt;] (netif_napi_add+0x160/0x1dc) [ 971.751295] (netif_napi_add) desde [&lt;7f1209ac&gt;] (ath11k_ahb_config_irq+0xf8/0x414 [ath11k_ahb]) [ 971.759164] (ath11k_ahb_config_irq [ath11k_ahb]) desde [&lt;7f12135c&gt;] (ath11k_ahb_probe+0x40c/0x51c [ath11k_ahb]) [ 971.768567] (ath11k_ahb_probe [ath11k_ahb]) desde [&lt;80666864&gt;] (platform_drv_probe+0x48/0x94) [ 971.779670] (platform_drv_probe) desde [&lt;80664718&gt;] (really_probe+0x1c8/0x450) [ 971.789389] (really_probe) desde [&lt;80664cc4&gt;] (driver_probe_device+0x15c/0x1b8) [ 971.797547] (driver_probe_device) desde [&lt;80664f60&gt;] (device_driver_attach+0x44/0x60) [ 971.805795] (device_driver_attach) desde [&lt;806650a0&gt;] (__driver_attach+0x124/0x140) [ 971.814822] (__driver_attach) desde [&lt;80662adc&gt;] (bus_for_each_dev+0x58/0xa4) [ 971.823328] (bus_for_each_dev) desde [&lt;80663a2c&gt;] (bus_add_driver+0xf0/0x1e8) [ 971.831662] (bus_add_driver) desde [&lt;806658a4&gt;] (driver_register+0xa8/0xf0) [ 971.839822] (driver_register) desde [&lt;8030269c&gt;] (do_one_initcall+0x78/0x1ac) [ 971.847638] (do_one_initcall) desde [&lt;80392524&gt;] (do_init_module+0x54/0x200) [ 971.855968] (do_init_module) desde [&lt;803945b0&gt;] (load_module+0x1e30/0x1ffc) [ 971.864126] (load_module) desde [&lt;803948b0&gt;] (sys_init_module+0x134/0x17c) [ 971.871852] (sys_init_module) desde [&lt;80301000&gt;] (ret_fast_syscall+0x0/0x50) Probado en: IPQ8074 hw2.0 AHB WLAN.HK.2.6.0.1-00760-QCAHKSWPL_SILICONZ-1"}], "lastModified": "2025-03-13T21:31:46.303", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "983DAD06-CBCB-46BF-A9E0-3D277B7474DB", "versionEndExcluding": "5.10.111"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D25878D3-7761-4E9F-8919-E92CD53896E0", "versionEndExcluding": "5.15.34", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABBBA66E-0244-4621-966B-9790AF1EEB00", "versionEndExcluding": "5.16.20", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE420AC7-1E59-4398-B84F-71F4B4337762", "versionEndExcluding": "5.17.3", "versionStartIncluding": "5.17"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}