CVE-2022-49129

HIGH

Linux Kernel 4.16-5.15.33, 5.12.0-5.15.33, 5.16.0-5.16.19, 5.17.0-5.17.2 - Use-After-Free in mt7921 Reset Work

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix crash when startup fails. If the nic fails to start, it is possible that the reset_work has already been scheduled. Ensure the work item is canceled so we do not have use-after-free crash in case cleanup is called before the work item is executed. This fixes crash on my x86_64 apu2 when mt7921k radio fails to work. Radio still fails, but OS does not crash.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/38fbe806645090c07aa97171f20fc62c3d7d3a98

Patch

https://git.kernel.org/stable/c/c1a5e6002ec441a3b9fb4d048b4b49ae93409a46

Patch

https://git.kernel.org/stable/c/ac1260b661c2ef0d0a56680cdb5672b931b7be8f

Patch

https://git.kernel.org/stable/c/827e7799c61b978fbc2cc9dac66cb62401b2b3f0

Scores

CVSS v3 7.8

EPSS 0.0025

EPSS Percentile 15.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-416

Status published

Products (14)

linux/Kernel 5.12.0 - 5.15.34linux

linux/Kernel 5.16.0 - 5.16.20linux

linux/Kernel 5.17.0 - 5.17.3linux

Linux/Linux < 5.12

Linux/Linux 5.12

Linux/Linux 5.15.34 - 5.15.*

Linux/Linux 5.16.20 - 5.16.*

Linux/Linux 5.17.3 - 5.17.*

Linux/Linux 5.18

Linux/Linux e0f9fdda81bd32371ddac9222487e612027d8de2 - 38fbe806645090c07aa97171f20fc62c3d7d3a98

... and 4 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026