CVE-2022-49311: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49311 affects the Linux kernel's rtl8192bs driver, specifically in the rtwjoinbssevent_prehandle() function. The vulnerability was discovered and patched in 2022, involving a deadlock condition in the driver's staging code (Kernel Commit).

The vulnerability manifests as a deadlock condition between two threads in the rtwjoinbsseventprehandle() function. Thread 1 holds pmlmepriv->lock and calls deltimer_sync(), while Thread 2 (timer handler) attempts to acquire the same lock, resulting in a permanent blocking condition. The issue occurs due to improper lock handling in the driver code (Kernel Commit).

When triggered, this vulnerability causes the rtwjoinbssevent_prehandle() function to block indefinitely, potentially leading to system hangs or unresponsiveness in affected Linux systems using the rtl8192bs wireless driver (Kernel Commit).

The issue was fixed by extracting deltimersync() from the protection of spinlockbh() and changing spinlockbh() to spinlockirq() in rtwjointimeouthandler(). This modification allows the timer handler to obtain the needed lock properly (Kernel Commit).