CVE-2024-50235
HIGH
Linux Kernel 6.1.57-6.1.115 - Use-After-Free in WiFi cfg80211 CQM Configuration
Title source: llm
Description
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: clear wdev->cqm_config pointer on free
When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network namespace, then destroyed later, running this code again, which results in a double-free.
Scores
CVSS v3: 7.8
EPSS: 0.0024
EPSS Percentile: 15.2%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-415
Status: published
Products (15)
Linux/Linux: < 6.6
Linux/Linux: 32fb9b7d98c3e586bddfb978d383aa8d2b1211bc
Linux/Linux: 37c20b2effe987b806c8de6d12978e4ffeff026f - 64e4c45d23cd7f6167f69cc2d2877bc7f54292e5
Linux/Linux: 37c20b2effe987b806c8de6d12978e4ffeff026f - 6c44abb2d4c3262737d5d67832daebc8cf48b8c9
Linux/Linux: 37c20b2effe987b806c8de6d12978e4ffeff026f - d5fee261dfd9e17b08b1df8471ac5d5736070917
Linux/Linux: 6.1.116 - 6.1.*
Linux/Linux: 6.1.57 - 6.1.116
Linux/Linux: 6.11.7 - 6.11.*
Linux/Linux: 6.12
Linux/Linux: 6.5.7 - 6.6
... and 5 more
Published: Nov 09, 2024
Tracked Since: Feb 18, 2026