In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: mtkwed: fix use-after-free panic in mtkwedsetuptcblockcb()
When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X.
Previously, cbpriv was freed in mtkwedsetuptcblock() without marking NULL,and mtkwedsetuptcblockcb() didn't check the value, too.
Assign NULL after free cbpriv in mtkwedsetuptcblock() and check NULL in mtkwedsetuptcblockcb().
Unable to handle kernel paging request at virtual address 0072460bca32b4f5 Call trace: mtkwedsetuptcblockcb+0x4/0x38 0xffffffc0794084bc tcfblockplaybackoffloads+0x70/0x1e8 tcfblockunbind+0x6c/0xc8