CVE-2021-47225

MEDIUM

Linux Kernel 5.12-5.12.12 - Deadlock in AP/VLAN Interface Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix deadlock in AP/VLAN handling Syzbot reports that when you have AP_VLAN interfaces that are up and close the AP interface they belong to, we get a deadlock. No surprise - since we dev_close() them with the wiphy mutex held, which goes back into the netdev notifier in cfg80211 and tries to acquire the wiphy mutex there. To fix this, we need to do two things: 1) prevent changing iftype while AP_VLANs are up, we can't easily fix this case since cfg80211 already calls us with the wiphy mutex held, but change_interface() is relatively rare in drivers anyway, so changing iftype isn't used much (and userspace has to fall back to down/change/up anyway) 2) pull the dev_close() loop over VLANs out of the wiphy mutex section in the normal stop case

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/8043903fcb72f545c52e3ec74d6fd82ef79ce7c5

Patch

https://git.kernel.org/stable/c/d5befb224edbe53056c2c18999d630dafb4a08b9

Scores

CVSS v3 5.5

EPSS 0.0015

EPSS Percentile 4.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-667

Status published

Products (8)

Linux/Linux < 5.12

Linux/Linux 5.12

Linux/Linux 5.12.13 - 5.12.*

Linux/Linux 5.13

Linux/Linux a05829a7222e9d10c416dd2dbbf3929fe6646b89 - 8043903fcb72f545c52e3ec74d6fd82ef79ce7c5

Linux/Linux a05829a7222e9d10c416dd2dbbf3929fe6646b89 - d5befb224edbe53056c2c18999d630dafb4a08b9

linux/linux_kernel 5.13 rc1 (6 CPE variants)

linux/linux_kernel 5.12 - 5.12.13

Published May 21, 2024

Tracked Since Feb 18, 2026