Linux Kernel Deadlock Vulnerability in rtw_joinbss_event_prehandle()

Vulnerability

A deadlock vulnerability has been identified in the Linux kernel's handling of Wi-Fi events, specifically within the RTL8192BS driver. The issue arises in the rtw_joinbss_event_prehandle() function, where two threads can become stuck waiting for each other to release locks, causing a permanent blockage. This deadlock occurs because one thread holds a lock while waiting for a timer to stop, and the timer's handler also requires the same lock, leading to a circular wait condition.

Impact

Exploitation of this vulnerability leads to a deadlock, where the rtw_joinbss_event_prehandle() function is blocked indefinitely, potentially causing disruptions in Wi-Fi connectivity or performance.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Deadlock Vulnerability in rtw_joinbss_event_prehandle()

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating