Linux Kernel Soft Lockup Vulnerability in rtw89 WiFi Driver Management Role Calculation

Vulnerability

A vulnerability in the Linux kernel's WiFi rtw89 driver can lead to a soft lockup, where the CPU becomes unresponsive for an extended period. This issue occurs in the 'rtw89_entity_recalc_mgnt_roles()' function, during a process that normalizes and re-orders a list based on specific patterns. The vulnerability arises because the function fails to properly exit an outer loop after finding a matching entry, allowing the process to continue unnecessarily. While this typically does not cause a lockup, certain conditions can trigger the issue, causing the CPU to be stuck for a significant time. The problem has been observed in kernel logs, indicating a soft lockup scenario where a process was halted for 26 seconds.

Impact

Exploitation of this vulnerability leads to a soft lockup, causing the CPU to become unresponsive for an extended period.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Soft Lockup Vulnerability in rtw89 WiFi Driver Management Role Calculation

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating