CVE-2024-46860

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change

When disabling wifi mt7921_ipv6_addr_change() is called as a notifier. At this point mvif->phy is already NULL so we cannot use it here.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7bc04215a66b60e198aecaee8418f6d79fa19faa < 4bfee9346d8c17d928ef6da2b8bffab88fa2a553affected
LinuxLinux7bc04215a66b60e198aecaee8418f6d79fa19faa < 8d92bafd4c67efb692f722d73a07412b5f88c6d6affected
LinuxLinux7bc04215a66b60e198aecaee8418f6d79fa19faa < 479ffee68d59c599f8aed8fa2dcc8e13e7bd13c3affected
LinuxLinux4.16affected
LinuxLinux0 < 4.16unaffected
LinuxLinux6.6.52 <= 6.6.*unaffected
LinuxLinux6.10.11 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References