
CVE-2022-49123: Vulnerability in Linux Linux

High
Published: Wed Feb 26 2025 (02/26/2025, 01:55:02 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

ath11k: Fix frames flush failure caused by deadlock

We are seeing below warnings:

kernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0
kernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0
kernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0

this means ath11k fails to flush mgmt. frames because wmi_mgmt_tx_work has no chance to run in 5 seconds.

By setting /proc/sys/kernel/hung_task_timeout_secs to 20 and increasing ATH11K_FLUSH_TIMEOUT to 50 we get below warnings:

kernel: [ 120.763160] INFO: task wpa_supplicant:924 blocked for more than 20 seconds.
kernel: [ 120.763169] Not tainted 5.10.90 #12
kernel: [ 120.763177] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kernel: [ 120.763186] task:wpa_supplicant state:D stack: 0 pid: 924 ppid: 1 flags:0x000043a0
kernel: [ 120.763201] Call Trace:
kernel: [ 120.763214] __schedule+0x785/0x12fa
kernel: [ 120.763224] ? lockdep_hardirqs_on_prepare+0xe2/0x1bb
kernel: [ 120.763242] schedule+0x7e/0xa1
kernel: [ 120.763253] schedule_timeout+0x98/0xfe
kernel: [ 120.763266] ? run_local_timers+0x4a/0x4a
kernel: [ 120.763291] ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k 13c3a9bf37790f4ac8103b3decf7ab4008ac314a]
kernel: [ 120.763306] ? init_wait_entry+0x2e/0x2e
kernel: [ 120.763343] __ieee80211_flush_queues+0x167/0x21f [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763378] __ieee80211_recalc_idle+0x105/0x125 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763411] ieee80211_recalc_idle+0x14/0x27 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763441] ieee80211_free_chanctx+0x77/0xa2 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763473] __ieee80211_vif_release_channel+0x100/0x131 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763540] ieee80211_vif_release_channel+0x66/0x81 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763572] ieee80211_destroy_auth_data+0xa3/0xe6 [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763612] ieee80211_mgd_deauth+0x178/0x29b [mac80211 335da900954f1c5ea7f1613d92088ce83342042c]
kernel: [ 120.763654] cfg80211_mlme_deauth+0x1a8/0x22c [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]
kernel: [ 120.763697] nl80211_deauthenticate+0xfa/0x123 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]
kernel: [ 120.763715] genl_rcv_msg+0x392/0x3c2
kernel: [ 120.763750] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]
kernel: [ 120.763782] ? nl80211_associate+0x432/0x432 [cfg80211 8945aa5bc2af5f6972336665d8ad6f9c191ad5be]
kernel: [ 120.763802] ? genl_rcv+0x36/0x36
kernel: [ 120.763814] netlink_rcv_skb+0x89/0xf7
kernel: [ 120.763829] genl_rcv+0x28/0x36
kernel: [ 120.763840] netlink_unicast+0x179/0x24b
kernel: [ 120.763854] netlink_sendmsg+0x393/0x401
kernel: [ 120.763872] sock_sendmsg+0x72/0x76
kernel: [ 120.763886] ____sys_sendmsg+0x170/0x1e6
kernel: [ 120.763897] ? copy_msghdr_from_user+0x7a/0xa2
kernel: [ 120.763914] ___sys_sendmsg+0x95/0xd1
kernel: [ 120.763940] __sys_sendmsg+0x85/0xbf
kernel: [ 120.763956] do_syscall_64+0x43/0x55
kernel: [ 120.763966] entry_SYSCALL_64_after_hwframe+0x44/0xa9
kernel: [ 120.763977] RIP: 0033:0x79089f3fcc83
kernel: [ 120.763986] RSP: 002b:00007ffe604f0508 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
kernel: [ 120.763997] RAX: ffffffffffffffda RBX: 000059b40e987690 RCX: 000079089f3fcc83
kernel: [ 120.764006] RDX: 0000000000000000 RSI: 00007ffe604f0558 RDI: 0000000000000009
kernel: [ 120.764014] RBP: 00007ffe604f0540 R08: 0000000000000004 R09: 0000000000400000
kernel: [ 120.764023] R10: 00007ffe604f0638 R11: 0000000000000246 R12: 000059b40ea04980
kernel: [ 120.764032] R13: 00007ffe604 ---truncated---

AI-Powered Analysis

Last updated: 06/30/2025, 03:09:34 UTC

Technical Analysis

CVE-2022-49123 is a vulnerability identified in the Linux kernel specifically affecting the ath11k wireless driver, which supports Qualcomm's Wi-Fi 6 (802.11ax) chipsets. The issue arises from a deadlock condition during the flushing of management frames in the ath11k driver. The kernel logs indicate failures to flush management transmit queues, with messages such as "failed to flush mgmt transmit queue 0" and "dropping mgmt frame for vdev 0, is_started 0." This deadlock occurs because the workqueue responsible for transmitting management frames (wmi_mgmt_tx_work) is unable to execute within the expected timeframe (5 seconds), causing the system to block and generate hung task warnings. Attempts to mitigate by increasing kernel hung task timeout and flush timeout parameters only delay the symptoms rather than resolve the underlying deadlock. The stack traces show that the deadlock impacts critical mac80211 and cfg80211 subsystems responsible for Wi-Fi management, including deauthentication and channel release operations. This can lead to stalled wireless operations, degraded network connectivity, and potential denial of service (DoS) conditions on affected Linux systems. The vulnerability is intrinsic to the Linux kernel's handling of ath11k management frame flushing and does not require user interaction or authentication to manifest once the driver is in use. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The affected versions correspond to specific Linux kernel commits identified by their hashes, indicating the issue is present in certain recent kernel builds prior to the fix. The vulnerability is primarily a stability and availability concern related to wireless networking on Linux systems using ath11k hardware.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with the ath11k driver enabled, which includes many enterprise and industrial Linux deployments using Qualcomm Wi-Fi 6 chipsets. The impact centers on potential denial of service scenarios where wireless network connectivity can be disrupted due to the deadlock in management frame flushing. This can affect critical infrastructure, office networks, and remote access services relying on stable Wi-Fi connections. Organizations in sectors such as telecommunications, manufacturing, public administration, and research institutions that deploy Linux-based wireless access points or client devices may experience network outages or degraded performance. The inability to properly flush management frames could also complicate wireless network management and security operations, such as deauthentication and roaming. While no direct confidentiality or integrity compromise is indicated, the availability impact can disrupt business continuity and operational efficiency. Given the widespread use of Linux in European IT environments and the increasing adoption of Wi-Fi 6 hardware, the vulnerability could affect a broad range of systems if unpatched.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should:

1) Identify Linux systems using the ath11k driver by auditing kernel modules and hardware inventories.
2) Apply the latest Linux kernel updates that include the fix for CVE-2022-49123 as soon as they become available from trusted Linux distributions or kernel maintainers.
3) In the meantime, avoid increasing hung task timeout parameters, as this only delays detection and does not resolve the deadlock.
4) Consider disabling or replacing affected wireless hardware if kernel updates are not immediately feasible, especially in critical environments.
5) Monitor kernel logs for hung task warnings related to ath11k and management frame flushing to detect potential occurrences.
6) Implement network segmentation and redundancy to minimize the impact of wireless outages.
7) Engage with hardware vendors to confirm compatibility and support for patched drivers.
8) Test kernel updates in controlled environments before wide deployment to ensure stability.

These steps go beyond generic advice by focusing on driver-specific identification, proactive patch management, and operational monitoring tailored to the ath11k wireless subsystem.
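One way to script the identification and log-monitoring steps above, as an added example that is not part of the original advisory or the kernel project. The function names are hypothetical, the sample log is constructed from the messages quoted in the description, and the 40-line window used to tie a hung-task report to its call trace is an assumption.

```shell
#!/bin/sh
# Added example: triage helpers for the ath11k mgmt-frame flush deadlock symptoms.

# Succeeds if an ath11k module is listed in a /proc/modules-format file.
ath11k_loaded() {
    awk '$1 ~ /^ath11k/ { found = 1 } END { exit !found }' "${1:-/proc/modules}"
}

# Counts the symptoms quoted in the CVE description in a kernel log file.
ath11k_symptoms() {
    awk '
        /ath11k.*failed to flush mgmt transmit queue/ { flush++ }
        /ath11k.*dropping mgmt frame for vdev/        { drop++ }
        # A hung-task report counts only if the driver flush path shows up
        # in the 40 lines that follow it (assumed size of the call trace).
        /INFO: task .* blocked for more than/         { window = 40; next }
        window > 0 {
            window--
            if (/ath11k_mac_flush_tx_complete/) { hung++; window = 0 }
        }
        END { printf "flush_fail=%d dropped=%d hung_in_flush=%d\n", flush, drop, hung }
    ' "$1"
}

# Constructed sample: seven lines mirror the description, the last two are an
# unrelated hung task that must not be counted.
write_sample_log() {
    cat > "$1" <<'EOF'
kernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0
kernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0
kernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0
kernel: [  120.763160] INFO: task wpa_supplicant:924 blocked for more than 20 seconds.
kernel: [  120.763201] Call Trace:
kernel: [  120.763242] schedule+0x7e/0xa1
kernel: [  120.763291] ath11k_mac_flush_tx_complete+0x197/0x2b1 [ath11k]
kernel: [  300.000001] INFO: task kworker/0:1:77 blocked for more than 20 seconds.
kernel: [  300.000009] io_schedule+0x12/0x40
EOF
}

# Demo on the constructed sample only; nothing on the host is read here.
demo_log=$(mktemp)
write_sample_log "$demo_log"
ath11k_symptoms "$demo_log"
rm -f "$demo_log"
```

On a real host, save the output of `journalctl -k` or `dmesg` to a file and pass it to `ath11k_symptoms`; `ath11k_loaded` with no argument reads `/proc/modules`.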

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-02-26T01:49:39.265Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d982cc4522896dcbe4f97

Added to database: 5/21/2025, 9:09:00 AM

Last enriched: 6/30/2025, 3:09:34 AM

Last updated: 8/1/2025, 1:29:15 AM
