{"id":"AZL-51156","summary":"CVE-2024-47713 affecting package kernel for versions less than 5.15.173.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()\n\nSince '__dev_queue_xmit()' should be called with interrupts enabled,\nthe following backtrace:\n\nieee80211_do_stop()\n ...\n spin_lock_irqsave(&local-\u003equeue_stop_reason_lock, flags)\n ...\n ieee80211_free_txskb()\n  ieee80211_report_used_skb()\n   ieee80211_report_ack_skb()\n    cfg80211_mgmt_tx_status_ext()\n     nl80211_frame_tx_status()\n      genlmsg_multicast_netns()\n       genlmsg_multicast_netns_filtered()\n        nlmsg_multicast_filtered()\n\t netlink_broadcast_filtered()\n\t  do_one_broadcast()\n\t   netlink_broadcast_deliver()\n\t    __netlink_sendskb()\n\t     netlink_deliver_tap()\n\t      __netlink_deliver_tap_skb()\n\t       dev_queue_xmit()\n\t        __dev_queue_xmit() ; with IRQS disabled\n ...\n spin_unlock_irqrestore(&local-\u003equeue_stop_reason_lock, flags)\n\nissues the warning (as reported by syzbot reproducer):\n\nWARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120\n\nFix this by implementing a two-phase skb reclamation in\n'ieee80211_do_stop()', where actual work is performed\noutside of a section with interrupts disabled.","modified":"2026-04-01T05:17:40.796725Z","published":"2024-10-21T12:15:07Z","upstream":["CVE-2024-47713"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47713"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.173.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51156.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}