CVE-2024-58072

HIGH

Linux Kernel Use-After-Free in rtlwifi Probe

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Update header file") introduced a global list of private data structures. Later on, commit 26634c4b1868 ("rtlwifi Modify existing bits to match vendor version 2013.02.07") started adding the private data to that list at probe time and added a hook, check_buddy_priv to find the private data from a similar device. However, that function was never used. Besides, though there is a lock for that list, it is never used. And when the probe fails, the private data is never removed from the list. This would cause a second probe to access freed memory. Remove the unused hook, structures and members, which will prevent the potential race condition on the list and its corruption during a second probe when probe fails.

References (11)

Core 11
Core References

Scores

CVSS v3 7.8
EPSS 0.0018
EPSS Percentile 8.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (26)
linux/Kernel 3.10.0 - 5.4.291linux
linux/Kernel 5.11.0 - 5.15.179linux
linux/Kernel 5.16.0 - 6.1.129linux
linux/Kernel 5.5.0 - 5.10.235linux
linux/Kernel 6.13.0 - 6.13.2linux
linux/Kernel 6.2.0 - 6.6.76linux
linux/Kernel 6.7.0 - 6.12.13linux
Linux/Linux < 3.10
Linux/Linux 26634c4b1868323f49f8cd24c3493b57819867fd - 006e803af7408c3fc815b0654fc5ab43d34f0154
Linux/Linux 26634c4b1868323f49f8cd24c3493b57819867fd - 1b9cbd8a9ae68b32099fbb03b2d5ffa0c5e0dcc9
... and 16 more
Published Mar 06, 2025
Tracked Since Feb 18, 2026