ghsa-wvpr-fjqj-5xh3
Vulnerability from github
Published
2025-03-14 00:30
Modified
2025-03-14 00:30
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

ath11k: fix kernel panic during unload/load ath11k modules

Call netif_napi_del() from ath11k_ahb_free_ext_irq() to fix the following kernel panic when unload/load ath11k modules for few iterations.

[ 971.201365] Unable to handle kernel paging request at virtual address 6d97a208 [ 971.204227] pgd = 594c2919 [ 971.211478] [6d97a208] *pgd=00000000 [ 971.214120] Internal error: Oops: 5 [#1] PREEMPT SMP ARM [ 971.412024] CPU: 2 PID: 4435 Comm: insmod Not tainted 5.4.89 #0 [ 971.434256] Hardware name: Generic DT based system [ 971.440165] PC is at napi_by_id+0x10/0x40 [ 971.445019] LR is at netif_napi_add+0x160/0x1dc

[ 971.743127] (napi_by_id) from [<807d89a0>] (netif_napi_add+0x160/0x1dc) [ 971.751295] (netif_napi_add) from [<7f1209ac>] (ath11k_ahb_config_irq+0xf8/0x414 [ath11k_ahb]) [ 971.759164] (ath11k_ahb_config_irq [ath11k_ahb]) from [<7f12135c>] (ath11k_ahb_probe+0x40c/0x51c [ath11k_ahb]) [ 971.768567] (ath11k_ahb_probe [ath11k_ahb]) from [<80666864>] (platform_drv_probe+0x48/0x94) [ 971.779670] (platform_drv_probe) from [<80664718>] (really_probe+0x1c8/0x450) [ 971.789389] (really_probe) from [<80664cc4>] (driver_probe_device+0x15c/0x1b8) [ 971.797547] (driver_probe_device) from [<80664f60>] (device_driver_attach+0x44/0x60) [ 971.805795] (device_driver_attach) from [<806650a0>] (__driver_attach+0x124/0x140) [ 971.814822] (__driver_attach) from [<80662adc>] (bus_for_each_dev+0x58/0xa4) [ 971.823328] (bus_for_each_dev) from [<80663a2c>] (bus_add_driver+0xf0/0x1e8) [ 971.831662] (bus_add_driver) from [<806658a4>] (driver_register+0xa8/0xf0) [ 971.839822] (driver_register) from [<8030269c>] (do_one_initcall+0x78/0x1ac) [ 971.847638] (do_one_initcall) from [<80392524>] (do_init_module+0x54/0x200) [ 971.855968] (do_init_module) from [<803945b0>] (load_module+0x1e30/0x1ffc) [ 971.864126] (load_module) from [<803948b0>] (sys_init_module+0x134/0x17c) [ 971.871852] (sys_init_module) from [<80301000>] (ret_fast_syscall+0x0/0x50)

Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.6.0.1-00760-QCAHKSWPL_SILICONZ-1

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-49131"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:00:50Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: fix kernel panic during unload/load ath11k modules\n\nCall netif_napi_del() from ath11k_ahb_free_ext_irq() to fix\nthe following kernel panic when unload/load ath11k modules\nfor few iterations.\n\n[  971.201365] Unable to handle kernel paging request at virtual address 6d97a208\n[  971.204227] pgd = 594c2919\n[  971.211478] [6d97a208] *pgd=00000000\n[  971.214120] Internal error: Oops: 5 [#1] PREEMPT SMP ARM\n[  971.412024] CPU: 2 PID: 4435 Comm: insmod Not tainted 5.4.89 #0\n[  971.434256] Hardware name: Generic DT based system\n[  971.440165] PC is at napi_by_id+0x10/0x40\n[  971.445019] LR is at netif_napi_add+0x160/0x1dc\n\n[  971.743127] (napi_by_id) from [\u003c807d89a0\u003e] (netif_napi_add+0x160/0x1dc)\n[  971.751295] (netif_napi_add) from [\u003c7f1209ac\u003e] (ath11k_ahb_config_irq+0xf8/0x414 [ath11k_ahb])\n[  971.759164] (ath11k_ahb_config_irq [ath11k_ahb]) from [\u003c7f12135c\u003e] (ath11k_ahb_probe+0x40c/0x51c [ath11k_ahb])\n[  971.768567] (ath11k_ahb_probe [ath11k_ahb]) from [\u003c80666864\u003e] (platform_drv_probe+0x48/0x94)\n[  971.779670] (platform_drv_probe) from [\u003c80664718\u003e] (really_probe+0x1c8/0x450)\n[  971.789389] (really_probe) from [\u003c80664cc4\u003e] (driver_probe_device+0x15c/0x1b8)\n[  971.797547] (driver_probe_device) from [\u003c80664f60\u003e] (device_driver_attach+0x44/0x60)\n[  971.805795] (device_driver_attach) from [\u003c806650a0\u003e] (__driver_attach+0x124/0x140)\n[  971.814822] (__driver_attach) from [\u003c80662adc\u003e] (bus_for_each_dev+0x58/0xa4)\n[  971.823328] (bus_for_each_dev) from [\u003c80663a2c\u003e] (bus_add_driver+0xf0/0x1e8)\n[  971.831662] (bus_add_driver) from [\u003c806658a4\u003e] (driver_register+0xa8/0xf0)\n[  971.839822] (driver_register) from [\u003c8030269c\u003e] (do_one_initcall+0x78/0x1ac)\n[  971.847638] (do_one_initcall) from [\u003c80392524\u003e] (do_init_module+0x54/0x200)\n[  971.855968] (do_init_module) from [\u003c803945b0\u003e] (load_module+0x1e30/0x1ffc)\n[  971.864126] (load_module) from [\u003c803948b0\u003e] (sys_init_module+0x134/0x17c)\n[  971.871852] (sys_init_module) from [\u003c80301000\u003e] (ret_fast_syscall+0x0/0x50)\n\nTested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.6.0.1-00760-QCAHKSWPL_SILICONZ-1",
  "id": "GHSA-wvpr-fjqj-5xh3",
  "modified": "2025-03-14T00:30:50Z",
  "published": "2025-03-14T00:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49131"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/22b59cb965f79ee1accf83172441c9ca0ecb632a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/38e488db194dc16d2eb23c77c6a8c04ff583c40d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/699e8c87e5c406af0f0606f40eeebd248c51b702"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c4b7653af62a9a5efe2856183d1f987c5429758b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c6a815f5abdf324108799829dd19ea62fef4bf95"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.