Home

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napi_init and napi_enable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that will enable NAPI. Then, it hits BUG_ON(): kernel BUG at net/core/dev.c:6423! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 417 Comm: iwd Not tainted 6.2.7-slab-dirty #3 eb0f5a8a9d91 Hardware name: LENOVO 21DL/LNVNB161216, BIOS JPCN20WW(V1.06) 09/20/2022 RIP: 0010:napi_enable+0x3f/0x50 Code: 48 89 c2 48 83 e2 f6 f6 81 89 08 00 00 02 74 0d 48 83 ... RSP: 0018:ffffada1414f3548 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffa01425802080 RCX: 0000000000000000 RDX: 00000000000002ff RSI: ffffada14e50c614 RDI: ffffa01425808dc0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000100 R12: ffffa01425808f58 R13: 0000000000000000 R14: ffffa01423498940 R15: 0000000000000001 FS: 00007f5577c0a740(0000) GS:ffffa0169fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f5577a19972 CR3: 0000000125a7a000 CR4: 0000000000750ef0 PKRU: 55555554 Call Trace: <TASK> rtw89_pci_ops_start+0x1c/0x70 [rtw89_pci 6cbc75429515c181cbc386478d5cfb32ffc5a0f8] rtw89_core_start+0xbe/0x160 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22] rtw89_ops_start+0x26/0x40 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22] drv_start+0x42/0x100 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] ieee80211_do_open+0x311/0x7d0 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] ieee80211_open+0x6a/0x90 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] __dev_open+0xe0/0x180 __dev_change_flags+0x1da/0x250 dev_change_flags+0x26/0x70 do_setlink+0x37c/0x12c0 ? ep_poll_callback+0x246/0x290 ? __nla_validate_parse+0x61/0xd00 ? __wake_up_common_lock+0x8f/0xd0 To fix this, follow Jonas' suggestion to switch the order of these functions and move register netdev to be the last step of PCI probe. Also, correct the error handling of rtw89_core_register_hw().

PUBLISHED Reserved 2025-09-17 | Published 2025-10-01 | Updated 2025-10-01 | Assigner Linux

Product status

Default status
unaffected

e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd before 39712c8aeb79691bcec8bd6ff658cde1651e0803
affected

e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd before aa48073c2f993e1b0c0bc66b03ae105cac0130bc
affected

e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd before b1b90c7df08ef385f95827ee3aee87bddd1ef5c5
affected

e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd before 47515664ecfbde11425dff121f298ae4499425c9
affected

Default status
affected

5.16
affected

Any version before 5.16
unaffected

6.1.28
unaffected

6.2.15
unaffected

6.3.2
unaffected

6.4
unaffected

References

git.kernel.org/...c/39712c8aeb79691bcec8bd6ff658cde1651e0803

git.kernel.org/...c/aa48073c2f993e1b0c0bc66b03ae105cac0130bc

git.kernel.org/...c/b1b90c7df08ef385f95827ee3aee87bddd1ef5c5

git.kernel.org/...c/47515664ecfbde11425dff121f298ae4499425c9

cve.org (CVE-2023-53452)

nvd.nist.gov (CVE-2023-53452)

Download JSON