{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-48784","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-06-20T11:09:39.068Z","datePublished":"2024-07-16T11:13:20.462Z","dateUpdated":"2025-05-04T12:43:43.066Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:43:43.066Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: fix race in netlink owner interface destruction\n\nMy previous fix here to fix the deadlock left a race where\nthe exact same deadlock (see the original commit referenced\nbelow) can still happen if cfg80211_destroy_ifaces() already\nruns while nl80211_netlink_notify() is still marking some\ninterfaces as nl_owner_dead.\n\nThe race happens because we have two loops here - first we\ndev_close() all the netdevs, and then we destroy them. If we\nalso have two netdevs (first one need only be a wdev though)\nthen we can find one during the first iteration, close it,\nand go to the second iteration -- but then find two, and try\nto destroy also the one we didn't close yet.\n\nFix this by only iterating once."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/wireless/core.c"],"versions":[{"version":"ea6b2098dd02789f68770fd3d5a373732207be2f","lessThan":"241e633cb379c4f332fc1baf2abec95ec840cbeb","status":"affected","versionType":"git"},{"version":"ea6b2098dd02789f68770fd3d5a373732207be2f","lessThan":"c979f792a2baf6d0f3419587668a1a6eba46a3d2","status":"affected","versionType":"git"},{"version":"ea6b2098dd02789f68770fd3d5a373732207be2f","lessThan":"f0a6fd1527067da537e9c48390237488719948ed","status":"affected","versionType":"git"},{"version":"2e4f97122f3a9df870dfe9671994136448890768","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/wireless/core.c"],"versions":[{"version":"5.13","status":"affected"},{"version":"0","lessThan":"5.13","status":"unaffected","versionType":"semver"},{"version":"5.15.25","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.16.11","lessThanOrEqual":"5.16.*","status":"unaffected","versionType":"semver"},{"version":"5.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"5.15.25"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"5.16.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"5.17"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.12.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/241e633cb379c4f332fc1baf2abec95ec840cbeb"},{"url":"https://git.kernel.org/stable/c/c979f792a2baf6d0f3419587668a1a6eba46a3d2"},{"url":"https://git.kernel.org/stable/c/f0a6fd1527067da537e9c48390237488719948ed"}],"title":"cfg80211: fix race in netlink owner interface destruction","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T15:25:01.910Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/241e633cb379c4f332fc1baf2abec95ec840cbeb","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c979f792a2baf6d0f3419587668a1a6eba46a3d2","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f0a6fd1527067da537e9c48390237488719948ed","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2022-48784","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T17:00:08.216328Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:34:16.695Z"}}]}}