CVE-2024-50235

HIGH

Linux Kernel < 6.1.116 - Double Free

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network namespace, then destroyed later, running this code again, which results in a double-free.

References (5)

[Mailing List] https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

[Patch] https://git.kernel.org/stable/c/64e4c45d23cd7f6167f69cc2d2877bc7f54292e5

[Patch] https://git.kernel.org/stable/c/6c44abb2d4c3262737d5d67832daebc8cf48b8c9

[Patch] https://git.kernel.org/stable/c/ba392e1355ba74b1d4fa11b85f71ab6ed7ecc058

[Patch] https://git.kernel.org/stable/c/d5fee261dfd9e17b08b1df8471ac5d5736070917

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 2.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (6)

linux/linux_kernel < 6.1.116

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

Timeline

Published Nov 09, 2024

Tracked Since Feb 18, 2026