CVE-2024-47718

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw88: always wait for both firmware loading attempts

In 'rtw_wait_firmware_completion()', always wait for both (regular and wowlan) firmware loading attempts. Otherwise if 'rtw_usb_intf_init()' has failed in 'rtw_usb_probe()', 'rtw_usb_disconnect()' may issue 'ieee80211_free_hw()' when one of 'rtw_load_firmware_cb()' (usually the wowlan one) is still in progress, causing UAF detected by KASAN.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc8e5695eae9959fc5774c0f490f2450be8bad3de < a0c1e2da652cf70825739bc12d49ea15805690bfaffected
LinuxLinuxc8e5695eae9959fc5774c0f490f2450be8bad3de < ceaab3fb64d6a5426a3db8f87f3e5757964f2532affected
LinuxLinuxc8e5695eae9959fc5774c0f490f2450be8bad3de < 7887ad11995a4142671cc49146db536f923c8568affected
LinuxLinuxc8e5695eae9959fc5774c0f490f2450be8bad3de < 1b8178a2ae272256ea0dc4f940320a81003535e2affected
LinuxLinuxc8e5695eae9959fc5774c0f490f2450be8bad3de < 9432185540bafd42b7bfac6e6ef2f0a0fb4be447affected
LinuxLinuxc8e5695eae9959fc5774c0f490f2450be8bad3de < e9a78d9417e167410d6fb83c4e908b077ad8ba6daffected
LinuxLinuxc8e5695eae9959fc5774c0f490f2450be8bad3de < 0e735a4c6137262bcefe45bb52fde7b1f5fc6c4daffected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.10.227 <= 5.10.*unaffected
LinuxLinux5.15.168 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.54 <= 6.6.*unaffected
LinuxLinux6.10.13 <= 6.10.*unaffected
LinuxLinux6.11.2 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References