CVE-2024-47718

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-47718
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47718.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-47718
Downstream
Related
Published
2024-10-21T12:15:08Z
Modified
2025-08-09T20:01:27Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw88: always wait for both firmware loading attempts

In 'rtwwaitfirmwarecompletion()', always wait for both (regular and wowlan) firmware loading attempts. Otherwise if 'rtwusbintfinit()' has failed in 'rtwusbprobe()', 'rtwusbdisconnect()' may issue 'ieee80211freehw()' when one of 'rtwloadfirmware_cb()' (usually the wowlan one) is still in progress, causing UAF detected by KASAN.

References

Affected packages