CVE-2024-46860

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change When disabling wifi mt7921_ipv6_addr_change() is called as a notifier. At this point mvif->phy is already NULL so we cannot use it here.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*

History

02 Oct 2024, 14:04

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-476
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/479ffee68d59c599f8aed8fa2dcc8e13e7bd13c3 - () https://git.kernel.org/stable/c/479ffee68d59c599f8aed8fa2dcc8e13e7bd13c3 - Patch
References () https://git.kernel.org/stable/c/4bfee9346d8c17d928ef6da2b8bffab88fa2a553 - () https://git.kernel.org/stable/c/4bfee9346d8c17d928ef6da2b8bffab88fa2a553 - Patch
References () https://git.kernel.org/stable/c/8d92bafd4c67efb692f722d73a07412b5f88c6d6 - () https://git.kernel.org/stable/c/8d92bafd4c67efb692f722d73a07412b5f88c6d6 - Patch
CPE cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*

30 Sep 2024, 12:45

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mt76: mt7921: se corrige el acceso al puntero NULL en mt7921_ipv6_addr_change. Al deshabilitar wifi, se llama a mt7921_ipv6_addr_change() como notificador. En este punto, mvif->phy ya es NULL, por lo que no podemos usarlo aquí.

27 Sep 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-27 13:15

Updated : 2024-10-02 14:04


NVD link : CVE-2024-46860

Mitre link : CVE-2024-46860

CVE.ORG link : CVE-2024-46860


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference