{
  "threat_severity" : "Moderate",
  "public_date" : "2025-02-26T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: ath11k: Fix frames flush failure caused by deadlock",
    "id" : "2348213",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2348213"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-667",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nath11k: Fix frames flush failure caused by deadlock\nWe are seeing below warnings:\nkernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0\nkernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0\nthis means ath11k fails to flush mgmt. frames because wmi_mgmt_tx_work\nhas no chance to run in 5 seconds.\nBy setting /proc/sys/kernel/hung_task_timeout_secs to 20 and increasing\nATH11K_FLUSH_TIMEOUT to 50 we get below warnings:\nkernel: [  120.763160] INFO: task wpa_supplicant:924 blocked for more than 20 seconds.\nkernel: [  120.763169]       Not tainted 5.10.90 #12\nkernel: [  120.763177] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nkernel: [  120.763186] task:wpa_supplicant  state:D stack:    0 pid:  924 ppid:     1 flags:0x000043a0\nkernel: [  120.763201] Call Trace:\nkernel: [  120.763214]  __schedule+0x785/0x12fa\nkernel: [  120.763224]  ? lockdep_hardirqs_on_prepare+0xe2/0x1bb\nkernel: [  120.763242]  schedule+0x7e/0xa1\nkernel: [  120.763253]  schedule_timeout+0x98/0xfe\nkernel: [  120.763266]  ? run_local_timers+0x4a/0x4a\nkernel: [  120.763291]  ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k 13c3a9bf37790f4ac8103b3decf7ab4008ac314a]\nkernel: [  120.763306]  ? init_wait_entry+0x2e/0x2e\nkernel: [  120.763343]  __ieee80211_flush_queues+0x167/0x21f [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763378]  __ieee80211_recalc_idle+0x105/0x125 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763411]  ieee80211_recalc_idle+0x14/0x27 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763441]  ieee80211_free_chanctx+0x77/0xa2 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763473]  __ieee80211_vif_release_channel+0x100/0x131 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763540]  ieee80211_vif_release_channel+0x66/0x81 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763572]  ieee80211_destroy_auth_data+0xa3/0xe6 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763612]  ieee80211_mgd_deauth+0x178/0x29b [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]\nkernel: [  120.763654]  cfg80211_mlme_deauth+0x1a8/0x22c [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [  120.763697]  nl80211_deauthenticate+0xfa/0x123 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [  120.763715]  genl_rcv_msg+0x392/0x3c2\nkernel: [  120.763750]  ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [  120.763782]  ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]\nkernel: [  120.763802]  ? genl_rcv+0x36/0x36\nkernel: [  120.763814]  netlink_rcv_skb+0x89/0xf7\nkernel: [  120.763829]  genl_rcv+0x28/0x36\nkernel: [  120.763840]  netlink_unicast+0x179/0x24b\nkernel: [  120.763854]  netlink_sendmsg+0x393/0x401\nkernel: [  120.763872]  sock_sendmsg+0x72/0x76\nkernel: [  120.763886]  ____sys_sendmsg+0x170/0x1e6\nkernel: [  120.763897]  ? copy_msghdr_from_user+0x7a/0xa2\nkernel: [  120.763914]  ___sys_sendmsg+0x95/0xd1\nkernel: [  120.763940]  __sys_sendmsg+0x85/0xbf\nkernel: [  120.763956]  do_syscall_64+0x43/0x55\nkernel: [  120.763966]  entry_SYSCALL_64_after_hwframe+0x44/0xa9\nkernel: [  120.763977] RIP: 0033:0x79089f3fcc83\nkernel: [  120.763986] RSP: 002b:00007ffe604f0508 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nkernel: [  120.763997] RAX: ffffffffffffffda RBX: 000059b40e987690 RCX: 000079089f3fcc83\nkernel: [  120.764006] RDX: 0000000000000000 RSI: 00007ffe604f0558 RDI: 0000000000000009\nkernel: [  120.764014] RBP: 00007ffe604f0540 R08: 0000000000000004 R09: 0000000000400000\nkernel: [  120.764023] R10: 00007ffe604f0638 R11: 0000000000000246 R12: 000059b40ea04980\nkernel: [  120.764032] R13: 00007ffe604\n---truncated---" ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-11-08T00:00:00Z",
    "advisory" : "RHSA-2022:7683",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-425.3.1.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8267",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.6.1.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8267",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.6.1.el9_1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49123\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49123\nhttps://lore.kernel.org/linux-cve-announce/2025022604-CVE-2022-49123-8a84@gregkh/T" ],
  "name" : "CVE-2022-49123",
  "csaw" : false
}