CVE-2024-42125

MEDIUM

Linux Kernel 6.9-6.9.8 - NULL Pointer Dereference in WiFi 6 GHz Band Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. In this case, 6 GHz sband will be NULL even if it is WiFi 7 chip. So, add NULL handling here to avoid crash.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/ce4ba62f8bc5195a9a0d49c6235a9c99e619cadc

Patch

https://git.kernel.org/stable/c/bb38626f3f97e16e6d368a9ff6daf320f3fe31d9

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 10.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (8)

linux/Kernel 6.9.0 - 6.9.9linux

Linux/Linux < 6.9

Linux/Linux 4ba24331c973eb1df0d3b67b0e3f8b7cde7765a7 - bb38626f3f97e16e6d368a9ff6daf320f3fe31d9

Linux/Linux 4ba24331c973eb1df0d3b67b0e3f8b7cde7765a7 - ce4ba62f8bc5195a9a0d49c6235a9c99e619cadc

Linux/Linux 6.10

Linux/Linux 6.9

Linux/Linux 6.9.9 - 6.9.*

linux/linux_kernel 6.9 - 6.9.9

Published Jul 30, 2024

Tracked Since Feb 18, 2026