Marcin Ślusarz

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a NULL pointer dereference in the `rtw rx fill rx status` function on the hw object and/or its fields. This occurs because the initialization routine can start getting USB replies before `rtw dev` is fully set up. The stack trace includes functions such as `rtw rx fill rx status`, `rtw8821c query rx desc`, `rtw usb rx handler`, and others. The problem can be fixed by moving the first `usb submit urb` after everything is set up. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.