CVE-2024-38609

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38609
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38609.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-38609
Downstream
Related
Published
2024-06-19T13:56:11.416Z
Modified
2025-11-15T22:37:37.924663Z
Summary
wifi: mt76: connac: check for null before dereferencing
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: connac: check for null before dereferencing

The wcid can be NULL. It should be checked for validity before dereferencing it to avoid crash.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
098428c400ff2d0f32b7cc0dc003c8da4b69908d
Fixed
e469218765b2781fb968778bd13595acec181a0e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
098428c400ff2d0f32b7cc0dc003c8da4b69908d
Fixed
cb47c7be0e93dd5acda078163799401ac3a78e10

Affected versions

v6.*

v6.8
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cb47c7be0e93dd5acda078163799401ac3a78e10",
        "id": "CVE-2024-38609-00e94855",
        "target": {
            "function": "__mt76_connac_mcu_alloc_sta_req",
            "file": "drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c"
        },
        "deprecated": false,
        "digest": {
            "length": 493.0,
            "function_hash": "46766214169506234886670527456907525249"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cb47c7be0e93dd5acda078163799401ac3a78e10",
        "id": "CVE-2024-38609-43e0a7cc",
        "target": {
            "file": "drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c"
        },
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "283001871305712697597699353944555182233",
                "72010946009809834177584054563336755250",
                "312342834547828173282477895287037989268",
                "246758810829156767226474491296490537319"
            ]
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e469218765b2781fb968778bd13595acec181a0e",
        "id": "CVE-2024-38609-514c5f22",
        "target": {
            "function": "__mt76_connac_mcu_alloc_sta_req",
            "file": "drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c"
        },
        "deprecated": false,
        "digest": {
            "length": 493.0,
            "function_hash": "46766214169506234886670527456907525249"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e469218765b2781fb968778bd13595acec181a0e",
        "id": "CVE-2024-38609-acccfbc1",
        "target": {
            "file": "drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c"
        },
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "283001871305712697597699353944555182233",
                "72010946009809834177584054563336755250",
                "312342834547828173282477895287037989268",
                "246758810829156767226474491296490537319"
            ]
        },
        "signature_type": "Line"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.9.0
Fixed
6.9.3