Linux Kernel Deadlock Vulnerability in IEEE 802.11 Beacon Management

Vulnerability

A deadlock vulnerability has been identified in the Linux kernel's handling of IEEE 802.11 beacons, specifically within the RTL8192U staging driver. The issue arises in the 'ieee80211_beacons_stop()' function, where a circular wait condition occurs between two threads. Thread 1 holds a lock while waiting for a timer to stop, and Thread 2 requires the same lock to release the timer, leading to a permanent block. The vulnerability has been addressed by modifying the function to allow the timer to be released without holding the lock, thereby preventing the deadlock.

Impact

Exploitation of this vulnerability leads to a deadlock condition, causing the 'ieee80211_beacons_stop()' function to block indefinitely.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Deadlock Vulnerability in IEEE 802.11 Beacon Management

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating