2 matches found
CVE-2022-49505
Mode C: The CVE-2022-49505 issue affects the Linux kernel NFC subsystem. The root cause is a UAF (use-after-free) of the rfkill object in the NFC device handling: during nfc_dev_up() and related operations, the rfkill state could be dereferenced if the device is removed via nfc_unregister_device(...
CVE-2025-71079
CVE-2025-71079 concerns a Linux kernel deadlock between nfc_unregister_device() and rfkill_fop_write() caused by lock-order inversion (device_lock vs rfkill_global_mutex). The fix moves rfkill_unregister() and rfkill_destroy() outside the device_lock section, storing the rfkill pointer in a local...