Marcel Hamer

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the brcmfmac wifi driver. This issue occurs when the device is removed or the kernel module is unloaded, leading to a potential NULL pointer dereference in the `brcmf txfinalize()` function. The problem arises from the `brcmf get ifp()` function returning NULL, which is then passed to `brcmf txfinalize()`, causing the NULL pointer dereference when trying to update the `tx errors` statistic. Although this issue has only been observed when updating the tx statistic, all other uses of the `ifp` pointer have been guarded against NULL pointer dereferences. **Recommendations** To resolve this issue, update the Linux kernel to a version that includes the fix for the NULL pointer dereference in the `brcmf txfinalize()` function. As a temporary workaround, consider disabling the `brcmf txfinalize()` function until a patch is available. However, since the exact affected versions are not specified, it is crucial to ensure that the update addresses this specific issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.