CVE-2022-49519

7.8 HIGH

📋 TL;DR

A double-free vulnerability in the Linux kernel's ath10k wireless driver causes kernel crashes when firmware recovery is immediately followed by system suspend. This affects Linux systems using Qualcomm Atheros QCA6174 wireless hardware with vulnerable kernel versions. The vulnerability leads to denial of service and potential system instability.

💻 Affected Systems

Products:
  • Linux kernel ath10k wireless driver
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Qualcomm Atheros QCA6174 hardware (hw3.2) with ath10k driver. Other ath10k-supported hardware may also be affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to complete system crash and denial of service, requiring physical or remote reboot.

🟠 Likely Case

System instability and crashes during suspend/resume cycles when wireless firmware recovery occurs.

🟢 If Mitigated

Minor performance impact from proper synchronization between firmware recovery and suspend operations.

🌐 Internet-Facing: LOW - Requires local access to trigger wireless firmware recovery followed by suspend.
🏢 Internal Only: MEDIUM - Internal users with wireless connectivity could trigger crashes through normal usage patterns.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering wireless firmware recovery (via WMI timeout/crash) followed immediately by system suspend. This could occur during normal wireless operation under certain conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 5321e5211b5d, 7eb14cb604f4, 8aa3750986ff, b72a4aff947b, c2272428090d

Vendor Advisory: https://git.kernel.org/stable/c/5321e5211b5dc873e2e3d0deb749e69ecf4dbfe5

Restart Required: No

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. For distributions: Use package manager (apt/yum/dnf) to update kernel package.
3. Reboot is recommended but not strictly required for driver-level fixes.

🔧 Temporary Workarounds

Disable wireless suspend

linux

Prevent wireless interface from entering suspend mode

echo 0 > /sys/class/net/wlan0/power/control
iw dev wlan0 set power_save off

Disable firmware recovery

linux

Prevent ath10k firmware recovery mechanism

echo 0 > /sys/kernel/debug/ieee80211/phy0/ath10k/firmware_recovery

🧯 If You Can't Patch

  • Disable wireless functionality on affected systems
  • Implement monitoring for kernel crashes related to ath10k and establish rapid recovery procedures

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if ath10k module is loaded: lsmod | grep ath10k && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits (run inside a git checkout of the kernel source the running kernel was built from): git log --oneline | grep -E '5321e5211b5d|7eb14cb604f4|8aa3750986ff|b72a4aff947b|c2272428090d'

📡 Detection & Monitoring

Log Indicators:

  • Kernel BUG at mm/slub.c:4150
  • ath10k_halt called multiple times
  • Double free crash in ath10k_htt_rx_free

Network Indicators:

  • Wireless connectivity drops followed by system instability

SIEM Query:

event_source="kernel" AND (message:"kernel BUG at mm/slub.c" OR message:"ath10k_halt" OR message:"double free")
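
The query above fires on any one of the three strings by itself. The following added example (not part of the original advisory or of any vendor tooling) reports a slub BUG only when the same oops names one of the ath10k functions listed under Log Indicators. The function name find_ath10k_slub_bugs, the max_trace_lines bound, the "end trace" delimiter and the sample log lines are assumptions constructed for illustration.

```python
import re

# Constructed sample kernel log for illustration (not captured from a real host).
SAMPLE_LOG = """\
[  101.000000] ath10k_pci 0000:02:00.0: device successfully recovered
[  202.000001] kernel BUG at mm/slub.c:4150!
[  202.000002] Call Trace:
[  202.000003]  ath10k_htt_rx_free+0x1a/0x40 [ath10k_core]
[  202.000004]  ath10k_halt+0x90/0x120 [ath10k_core]
[  202.000005] ---[ end trace 0000000000000000 ]---
[  303.000001] kernel BUG at mm/slub.c:4150!
[  303.000002] Call Trace:
[  303.000003]  example_free+0x10/0x20 [example_mod]
[  303.000004] ---[ end trace 0000000000000000 ]---
""".splitlines()

BUG_RE = re.compile(r"kernel BUG at (mm/slub\.c:\d+)", re.IGNORECASE)
FRAME_RE = re.compile(r"\b(ath10k_htt_rx_free|ath10k_halt)\b")
END_RE = re.compile(r"---\[ end trace")

def find_ath10k_slub_bugs(lines, max_trace_lines=60):
    """Report each slub BUG whose own oops text names an ath10k indicator."""
    findings = []
    i = 0
    while i < len(lines):
        bug = BUG_RE.search(lines[i])
        if not bug:
            i += 1
            continue
        frames = []
        j = i + 1
        # Walk this oops only: stop at its end marker, at the next BUG line,
        # or after max_trace_lines so unrelated later lines are not attributed.
        while j < len(lines) and j - i <= max_trace_lines:
            if BUG_RE.search(lines[j]):
                break
            frames += FRAME_RE.findall(lines[j])
            j += 1
            if END_RE.search(lines[j - 1]):
                break
        if frames:
            findings.append({"line": i + 1, "site": bug.group(1), "frames": frames})
        i = j
    return findings

if __name__ == "__main__":
    for hit in find_ath10k_slub_bugs(SAMPLE_LOG):
        print(hit)
```

The second BUG in the sample is ignored because its trace contains no ath10k frame, and an ath10k_halt line outside any oops produces no finding.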
