CVE-2024-46676

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel related to the NFC subsystem, specifically in the pn533 module. The issue arises when the im protocols value is 1 and the tm protocols value is 0, which passes the check in nfc start poll() but leads to an empty poll mod list and a division by zero error. This combination of protocol values is not expected by the driver but can be passed from userspace via the Netlink interface using the NFC CMD START POLL operation. A broken or malicious program can exploit this by sending a message with a "bad" combination of protocol parameter values, leading to a division by zero error. The call trace involves nfc genl start poll(), nfc start poll(), start poll(), and pn533 start poll().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.