Stefan Dösinger

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 6.10 through 6.11 **Description** A vulnerability in the Linux kernel has been identified, specifically in the brcmfmac driver. The issue arises when the `of property read string index()` function returns an uninitialized value, leading to a crash. This occurs because the property does not exist, causing a random pointer to be passed to `devm kstrdup()`. The crash results in a page fault error with a permissions violation. **Recommendations** For Linux kernel versions 6.10 through 6.11, consider applying a patch that checks the return value of `of property read string index()` to prevent the crash. As a temporary workaround, disabling the brcmfmac driver may prevent the issue, but this is not a recommended long-term solution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.