CVE-2024-58062

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: avoid NULL pointer dereference

When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words - that the link exists) before dereferncing it. Use for_each_vif_active_link that also does the check.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2b7ee1a10a72ef8f3df621133ac04e80e8214037 < fbb563ad5032a07ac83c746ce5c8de5f25b5ffd0affected
LinuxLinux2b7ee1a10a72ef8f3df621133ac04e80e8214037 < 7f6fb4b7611eb6371c493c42fefad84a1742bcbbaffected
LinuxLinux2b7ee1a10a72ef8f3df621133ac04e80e8214037 < cf704a7624f99eb2ffca1a16c69183e85544a613affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.13 <= 6.12.*unaffected
LinuxLinux6.13.2 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References