CVE-2024-44997

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-44997

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-44997.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-44997

Downstream

BELL-CVE-2024-44997

DEBIAN-CVE-2024-44997

OESA-2024-2325

SUSE-SU-2024:3551-1

SUSE-SU-2024:3553-1

SUSE-SU-2024:3561-1

SUSE-SU-2024:3564-1

UBUNTU-CVE-2024-44997

Related

Published

2024-09-04T19:54:42Z

Modified

2025-10-09T16:25:20.277199Z

Summary

net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()

Details

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mtkwed: fix use-after-free panic in mtkwedsetuptcblockcb()

When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X.

Previously, cbpriv was freed in mtkwedsetuptcblock() without marking NULL,and mtkwedsetuptcblockcb() didn't check the value, too.

Assign NULL after free cbpriv in mtkwedsetuptcblock() and check NULL in mtkwedsetuptcblockcb().

Unable to handle kernel paging request at virtual address 0072460bca32b4f5 Call trace: mtkwedsetuptcblockcb+0x4/0x38 0xffffffc0794084bc tcfblockplaybackoffloads+0x70/0x1e8 tcfblockunbind+0x6c/0xc8

...

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

799684448e3e1f57257a6155541e53510488f67b

Fixed

326a89321f9d5fe399fe6f9ff7c0fc766582a6a0

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

799684448e3e1f57257a6155541e53510488f67b

Fixed

b453a4bbda03aa8741279c360ac82d1c3ac33548

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

799684448e3e1f57257a6155541e53510488f67b

Fixed

db1b4bedb9b97c6d34b03d03815147c04fffe8b4

Affected versions

v6.*

v6.1

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.10.1

v6.10.2

v6.10.3

v6.10.4

v6.10.5

v6.10.6

v6.11-rc1

v6.11-rc2

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.26

v6.6.27

v6.6.28

v6.6.29

v6.6.3

v6.6.30

v6.6.31

v6.6.32

v6.6.33

v6.6.34

v6.6.35

v6.6.36

v6.6.37

v6.6.38

v6.6.39

v6.6.4

v6.6.40

v6.6.41

v6.6.42

v6.6.43

v6.6.44

v6.6.45

v6.6.46

v6.6.47

v6.6.5

v6.6.6

v6.6.7

v6.6.8

v6.6.9

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.48

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.10.7