CVE-2022-49305: Vulnerability in Linux Linux

Medium
Published: Wed Feb 26 2025 (02/26/2025, 02:10:38 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()

There is a deadlock in ieee80211_beacons_stop(), which is shown below:

       (Thread 1)              |      (Thread 2)
                               | ieee80211_send_beacon()
    ieee80211_beacons_stop()   |  mod_timer()
     spin_lock_irqsave() //(1) |  (wait a time)
     ...                       | ieee80211_send_beacon_cb()
     del_timer_sync()          |  spin_lock_irqsave() //(2)
     (wait timer to stop)      |  ...

We hold ieee->beacon_lock in position (1) of thread 1 and use del_timer_sync() to wait timer to stop, but timer handler also need ieee->beacon_lock in position (2) of thread 2. As a result, ieee80211_beacons_stop() will block forever.

This patch extracts del_timer_sync() from the protection of spin_lock_irqsave(), which could let timer handler to obtain the needed lock.

AI-Powered Analysis

Last updated: 06/30/2025, 05:39:58 UTC

Technical Analysis

CVE-2022-49305 is a vulnerability identified in the Linux kernel's wireless driver subsystem, specifically within the staging driver rtl8192u. The issue arises from a deadlock condition in the function ieee80211_beacons_stop(). This function attempts to stop beacon transmissions by acquiring a spinlock (ieee->beacon_lock) and then calling del_timer_sync() to wait for a timer to stop. However, the timer handler function ieee80211_send_beacon_cb() also attempts to acquire the same spinlock. Because del_timer_sync() is called while holding the spinlock, the timer handler cannot acquire the lock, resulting in a deadlock where ieee80211_beacons_stop() blocks indefinitely. The root cause is the improper locking sequence where del_timer_sync() is invoked under the protection of a spinlock, preventing the timer callback from proceeding. The patch to fix this vulnerability involves moving the del_timer_sync() call outside the spinlock protection, allowing the timer handler to acquire the lock and complete its execution, thus preventing the deadlock. This vulnerability affects Linux kernel versions containing the rtl8192u driver with the specified commit hash. It is a concurrency issue impacting the availability of the wireless networking functionality managed by this driver. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
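The lock ordering described above, as an added example that is not the driver's code or part of the original advisory: a userspace pthread model in which a mutex stands in for ieee->beacon_lock and a thread for the timer handler. The names beacons_stop(), beacon_timer_handler() and wait_for_handler() are constructed for this model, and the wait is bounded to about 200 ms so the pre-patch ordering reports the hang instead of blocking forever.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <stdatomic.h>
#include <stdio.h>
#include <time.h>
/* Constructed userspace model, not kernel code: mutex = ieee->beacon_lock. */
static pthread_mutex_t beacon_lock = PTHREAD_MUTEX_INITIALIZER;
static atomic_int handler_done;
/* Stands in for ieee80211_send_beacon_cb(): takes the lock, position (2). */
static void *beacon_timer_handler(void *unused)
{
    (void)unused;
    pthread_mutex_lock(&beacon_lock);
    pthread_mutex_unlock(&beacon_lock);
    atomic_store(&handler_done, 1);
    return NULL;
}

/* Stands in for del_timer_sync(), bounded: 0 = handler finished, -1 = hung. */
static int wait_for_handler(void)
{
    struct timespec one_ms = { 0, 1000000L };
    for (int i = 0; i < 200 && !atomic_load(&handler_done); i++)
        nanosleep(&one_ms, NULL);
    return atomic_load(&handler_done) ? 0 : -1;
}

/* Stands in for ieee80211_beacons_stop(); wait_under_lock=1 is pre-patch. */
int beacons_stop(int wait_under_lock)
{
    pthread_t timer;
    int rc = -1;
    atomic_store(&handler_done, 0);
    pthread_mutex_lock(&beacon_lock);            /* position (1) */
    pthread_create(&timer, NULL, beacon_timer_handler, NULL); /* timer fires */
    if (wait_under_lock)
        rc = wait_for_handler();                 /* handler is stuck at (2) */
    pthread_mutex_unlock(&beacon_lock);
    if (!wait_under_lock)
        rc = wait_for_handler();                 /* handler can take the lock */
    pthread_join(timer, NULL);
    return rc;
}

int main(void)
{
    printf("pre-patch: %d, patched: %d\n", beacons_stop(1), beacons_stop(0));
    return 0;
}
```

Build with `cc -pthread`; the pre-patch ordering returns -1 after the bounded wait, the patched ordering returns 0.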

Potential Impact

For European organizations, this vulnerability primarily impacts the availability and reliability of wireless networking on systems running affected Linux kernels with the rtl8192u driver. The deadlock can cause the wireless interface to become unresponsive or hang during beacon stopping operations, potentially disrupting network connectivity. This can affect critical infrastructure, enterprise networks, and industrial systems relying on Linux-based wireless devices. Although this vulnerability does not directly compromise confidentiality or integrity, the denial of service caused by the deadlock could interrupt business operations, especially in environments where wireless communication is essential. Systems used in telecommunications, manufacturing, or public services that depend on stable wireless connectivity could experience outages or degraded performance. Since the vulnerability is in a staging driver, it may be more prevalent in embedded or specialized devices rather than mainstream desktop distributions. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to potential future exploitation or accidental triggering of the deadlock.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should:

1) Apply the official Linux kernel patches that move the del_timer_sync() call outside the spinlock protection as soon as they are available from their Linux distribution vendors or upstream kernel sources.
2) Identify and inventory all systems using the rtl8192u wireless driver, particularly embedded devices, IoT devices, or specialized hardware running Linux kernels with the affected commit.
3) For devices where kernel patching or upgrading is not immediately feasible, consider disabling the rtl8192u wireless interface or replacing it with alternative hardware or drivers that are not affected.
4) Monitor system logs and wireless interface behavior for signs of deadlock or unresponsiveness related to beacon management.
5) Implement network redundancy and failover mechanisms to minimize operational impact if wireless connectivity is disrupted.
6) Coordinate with vendors and device manufacturers to ensure timely firmware or driver updates addressing this issue.

These steps go beyond generic advice by focusing on driver-specific identification, patch management, and operational continuity planning.

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-02-26T02:08:31.535Z
Cisa Enriched: false
Cvss Version: null
State: PUBLISHED

Threat ID: 682d982dc4522896dcbe55a4

Added to database: 5/21/2025, 9:09:01 AM

Last enriched: 6/30/2025, 5:39:58 AM

Last updated: 8/14/2025, 4:09:01 AM
