
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2022-49539 affects the Linux kernel's rtw89 wireless driver. The vulnerability involves CAM (Content Addressable Memory) leaks occurring during the System Error Recovery (SER) L2 reset process and ieee80211_restart_hw() operation. The issue was discovered in March 2022 and was fixed through kernel patches (Kernel Patch).
The vulnerability occurs in the address CAM and BSSID CAM handling during system error recovery. The normal flow sequence that leads to the leak is: add interface (acquire 1) -> enter ips (release 1) -> leave ips (acquire 1) -> connection (occupy 1), resulting in one leak after L2 reset for non-secure connections. Additionally, during ieee80211_restart_hw() flow under connection, the sequence (ieee80211 reconfig -> add interface -> leave ips -> connection) causes another leak (Kernel Patch).
The vulnerability results in memory leaks in the Linux kernel's wireless networking subsystem, specifically affecting systems using the rtw89 wireless driver. These leaks occur during system error recovery processes and can potentially lead to resource exhaustion over time (Kernel Patch).
The issue was fixed by modifying the CAM release behavior to release CAM regardless of connection security status, and by implementing checks to prevent multiple CAM acquisitions. For AP mode, the fix includes releasing address CAM of all stations before hardware restart (Kernel Patch).
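The acquire/release sequences and the two parts of the fix described above, as an added example: a simplified model written for this page, not code from the rtw89 driver. The 8-entry table and the names `struct cam`, `struct vif`, `cam_acquire`, `cam_release` and `simulate` are hypothetical, and the model assumes a restart re-runs "add interface" without remembering the entry the interface held before.

```c
/* Simplified model of the CAM bookkeeping in CVE-2022-49539; not rtw89 code. */
#include <stdbool.h>
#include <stdio.h>
#define CAM_SLOTS 8                   /* constructed table size */
struct cam { unsigned map; };         /* bit set: that CAM entry is occupied */
struct vif { unsigned entry; };       /* bit of the entry this vif tracks, 0 if none */

/* Patched behaviour: skip the acquire if the vif already holds an entry. */
static void cam_acquire(struct cam *c, struct vif *v, bool patched)
{
    if (patched && v->entry)
        return;
    for (unsigned bit = 1; bit < (1u << CAM_SLOTS); bit <<= 1) {
        if (c->map & bit)
            continue;
        c->map |= bit;
        v->entry = bit;               /* a previously tracked entry is lost */
        return;
    }
}

static void cam_release(struct cam *c, struct vif *v)
{
    c->map &= ~v->entry;
    v->entry = 0;
}

/* CAM entries occupied after `resets` L2 resets; one vif should occupy 1. */
static int simulate(bool patched, bool secure, int resets)
{
    struct cam c = {0};
    struct vif v = {0};
    cam_acquire(&c, &v, patched);     /* add interface */
    cam_release(&c, &v);              /* enter ips */
    cam_acquire(&c, &v, patched);     /* leave ips, then connection */
    for (int r = 0; r < resets; r++) {
        if (patched || secure)        /* old code released only if secure */
            cam_release(&c, &v);
        cam_acquire(&c, &v, patched); /* reconfig: add interface */
        cam_acquire(&c, &v, patched); /* leave ips, then connection */
    }
    return __builtin_popcount(c.map); /* GCC/Clang builtin */
}

int main(void)
{
    printf("1 reset: unpatched %d, patched %d\n", simulate(false, false, 1), simulate(true, false, 1));
    return 0;
}
```

In this model each reset on a non-secure connection strands two entries, so the constructed 8-entry table is full after four resets, while the patched path stays at one entry no matter how many resets occur.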
Source: This report was generated using AI