CVE-2024-44997

Severity CVSS v4.0: Pending analysis
Type: CWE-416 Use After Free
Publication date: 04/09/2024
Last modified: 06/09/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()

When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X.

Previously, cb_priv was freed in mtk_wed_setup_tc_block() without marking NULL, and mtk_wed_setup_tc_block_cb() didn't check the value, too.

Assign NULL after free cb_priv in mtk_wed_setup_tc_block() and check NULL in mtk_wed_setup_tc_block_cb().

----------
Unable to handle kernel paging request at virtual address 0072460bca32b4f5
Call trace:
mtk_wed_setup_tc_block_cb+0x4/0x38
0xffffffc0794084bc
tcf_block_playback_offloads+0x70/0x1e8
tcf_block_unbind+0x6c/0xc8
...
---------
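
The two halves of the fix described above (mark cb_priv NULL after freeing it, and check for NULL in the callback), shown as an added user-space model that is not the kernel patch or any code from this advisory. The struct names, the helper functions and the -EOPNOTSUPP return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical user-space stand-ins, not the kernel's structures. */
struct flow_priv { int can_offload; };
struct block_cb  { void *cb_priv; };

/* Callback side of the fix: check cb_priv for NULL before using it.
 * The -EOPNOTSUPP return value is an assumption of this model. */
static int setup_tc_block_cb(void *cb_priv)
{
    struct flow_priv *priv = cb_priv;
    if (!priv || !priv->can_offload)
        return -EOPNOTSUPP;
    return 0;
}

/* Bind: allocate the private data later handed to the callback. */
static int block_bind(struct block_cb *cb)
{
    struct flow_priv *priv = calloc(1, sizeof(*priv));
    if (!priv)
        return -ENOMEM;
    priv->can_offload = 1;
    cb->cb_priv = priv;
    return 0;
}

/* Unbind side of the fix: free cb_priv, then mark it NULL so no
 * dangling pointer is left behind for a later callback. */
static void block_unbind(struct block_cb *cb)
{
    free(cb->cb_priv);
    cb->cb_priv = NULL;
}

/* Models the callback being reached again after the unbind. */
static int replay(struct block_cb *cb) { return setup_tc_block_cb(cb->cb_priv); }

int main(void)
{
    struct block_cb cb = { 0 };
    if (block_bind(&cb))
        return 1;
    printf("bound:   %d\n", replay(&cb));
    block_unbind(&cb);
    printf("unbound: %d\n", replay(&cb));
    return 0;
}
```

Without the NULL assignment in block_unbind(), the second replay would hand freed memory to the callback, which is the CWE-416 condition this entry records.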

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.6.48 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.10.7 (excluding)
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*