CVE-2022-49304
📋 TL;DR
This CVE describes a deadlock vulnerability in the Linux kernel's SA1100 serial driver. When exploited, it can cause a kernel panic or system freeze by creating a circular lock dependency between the serial port lock and timer handler. This affects Linux systems using the SA1100 serial driver, primarily embedded devices and older ARM-based systems.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Complete system freeze or kernel panic requiring hard reboot, leading to denial of service and potential data loss.
Likely Case
Local denial of service affecting serial port functionality, potentially causing system instability.
If Mitigated
Minimal impact if system doesn't use SA1100 serial ports or has proper isolation.
🎯 Exploit Status
Requires local access to trigger serial port operations. No known public exploits, but deadlock vulnerabilities can be reliably triggered.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel commit 0976808d0d171ec837d4bd3e9f4ad4a00ab703b8 and later
Vendor Advisory: https://git.kernel.org/stable/c/0976808d0d171ec837d4bd3e9f4ad4a00ab703b8
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fix commit 0976808d0d171ec837d4bd3e9f4ad4a00ab703b8
2. Rebuild kernel if compiling from source
3. Reboot system to load new kernel
🔧 Temporary Workarounds
Disable SA1100 serial driver
linuxPrevent loading of vulnerable driver module
echo 'blacklist sa1100_serial' >> /etc/modprobe.d/blacklist.conf
rmmod sa1100_serial
Restrict serial port access
linuxLimit which users can access serial devices
chmod 600 /dev/ttySA*
setfacl -m u:root:rw- /dev/ttySA*
🧯 If You Can't Patch
- Isolate systems using SA1100 hardware from untrusted users
- Implement strict access controls on serial port devices
🔍 How to Verify
Check if Vulnerable:
Check if SA1100 serial driver is loaded: lsmod | grep sa1100_serialCheck Version:
uname -rVerify Fix Applied:
Check kernel version includes fix: grep -q '0976808d0d171ec837d4bd3e9f4ad4a00ab703b8' /proc/version || uname -r📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- 'BUG: scheduling while atomic' in dmesg
- Serial port timeout errors
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("sa1100" OR "serial" OR "deadlock")🔗 References
- https://git.kernel.org/stable/c/0976808d0d171ec837d4bd3e9f4ad4a00ab703b8
- https://git.kernel.org/stable/c/09a5958a2452ad22d0cb638711ef34ea1863a829
- https://git.kernel.org/stable/c/2cbfc38df580bff5b2fe19f21c1a7520efcc4b3b
- https://git.kernel.org/stable/c/34d91e555e5582cffdbcbb75517bc9217866823e
- https://git.kernel.org/stable/c/553213432ef0c295becdc08c0207d2094468f673
- https://git.kernel.org/stable/c/62b2caef400c1738b6d22f636c628d9f85cd4c4c
- https://git.kernel.org/stable/c/6e2273eefab54a521d9c59efb6e1114e742bdf41
- https://git.kernel.org/stable/c/85e20f8bd31a46d8c60103d0274a8ebe8f47f2b2
- https://git.kernel.org/stable/c/920f0ae7a129ffee98a106e3bbdfd61a2a59e939
