CVE-2022-48784: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48784 is a race condition vulnerability in the Linux kernel's cfg80211 wireless networking subsystem. The vulnerability was discovered in the netlink owner interface destruction process, where a race condition could occur during the destruction of network interfaces. The issue affects Linux kernel versions from 5.12.1 up to (excluding) 5.15.25, versions from 5.16 up to (excluding) 5.16.11, and 5.17 release candidates (rc1 through rc4) (NVD).

The vulnerability stems from a race condition in the cfg80211destroyifaces() function where two separate loops were used - one for closing network devices and another for destroying them. This could lead to a deadlock if cfg80211destroyifaces() runs while nl80211netlinknotify() is still marking interfaces as nlownerdead. The issue has been assigned a CVSS v3.1 base score of 4.7 (Medium) with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD, Kernel Patch).

The vulnerability can result in a deadlock condition in the Linux kernel's wireless networking subsystem. This could potentially lead to system availability issues, particularly affecting wireless network interface management (NVD).

The vulnerability has been fixed by modifying the cfg80211destroyifaces() function to use a single iteration instead of two separate loops. The fix was implemented through a patch that combines the device closing and destruction operations into a single loop. Users should upgrade to Linux kernel versions that include this fix (Kernel Patch).