PT-2024-32173 · Linux+6 · Linux Kernel+6

Sascha Hauer · Published 2024-07-09 · Updated 2025-09-29 · CVE-2024-46755

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.52

Description

The vulnerability is related to the mwifiex_get_priv_by_id() function in the Linux kernel, which returns a priv pointer corresponding to the bss_num and bss_type without checking if the priv is actually in use. This can lead to NULL pointer dereferences further down the call stack. The issue occurs when an Access Point is started with wpa_supplicant and a specific configuration, causing a kernel NULL pointer dereference at a virtual address.

Recommendations

To resolve the issue, update the Linux kernel to version 6.6.52 or later. As a temporary workaround, consider disabling the mwifiex_get_cfp() function until a patch is available. Restrict access to the vulnerable mwifiex module to minimize the risk of exploitation. Avoid using the ssid, mode, frequency, key_mgmt, proto, group, pairwise, and psk parameters in the affected API endpoint until the issue is resolved.
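
The lookup flaw from the description, as a simplified user-space C model added here for illustration; it is not the kernel's mwifiex code or the upstream patch. The struct layout, the in_use flag, the function names and the sample table are all assumptions.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_PRIV 3
struct priv {                  /* simplified stand-in, not the kernel struct */
    int bss_num, bss_type;
    int in_use;                /* hypothetical "slot is in use" marker */
    const int *chan_table;     /* set only once the interface is configured */
};
struct adapter { struct priv *priv[MAX_PRIV]; };

/* Reported behaviour: match on bss_num and bss_type only. */
static struct priv *get_priv_unchecked(struct adapter *a, int num, int type)
{
    for (int i = 0; i < MAX_PRIV; i++) {
        struct priv *p = a->priv[i];
        if (p && p->bss_num == num && p->bss_type == type)
            return p;
    }
    return NULL;
}

/* Hardened: an unused slot never satisfies the lookup. */
static struct priv *get_priv_checked(struct adapter *a, int num, int type)
{
    for (int i = 0; i < MAX_PRIV; i++) {
        struct priv *p = a->priv[i];
        if (p && p->in_use && p->bss_num == num && p->bss_type == type)
            return p;
    }
    return NULL;
}

/* Caller-side guard: -1 instead of dereferencing a missing table. */
static int first_channel(const struct priv *p)
{
    return (p && p->chan_table) ? p->chan_table[0] : -1;
}

/* Constructed sample: an unused slot shadows the active one with equal ids. */
static const int sample_channels[] = { 2412 };
static struct priv slot_unused = { 0, 1, 0, NULL };
static struct priv slot_active = { 0, 1, 1, sample_channels };
static struct adapter sample = { { &slot_unused, &slot_active, NULL } };
int main(void)
{
    printf("unchecked: %d\n", first_channel(get_priv_unchecked(&sample, 0, 1)));
    printf("checked:   %d\n", first_channel(get_priv_checked(&sample, 0, 1)));
    return 0;
}
```

In this model the unchecked lookup hands back the unused slot, whose table pointer is NULL; only the guard in first_channel() keeps the caller from dereferencing it.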

Exploit

Fix

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-12535
ALT-PU-2024-12537
ALT-PU-2024-12541
ALT-PU-2024-13121
ALT-PU-2024-13166
ALT-PU-2024-13979
ALT-PU-2024-14046
ALT-PU-2024-15824
AZL-49684
BDU:2025-01666
CVE-2024-46755
DLA-3912-1
DLA-4008-1
DSA-5782-1
MGASA-2024-0316
MGASA-2024-0318
OESA-2024-2184
OESA-2024-2216
OESA-2024-2218
OESA-2024-2219
OESA-2024-2220
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3587-1
OPENSUSE-SU-2024_3592-1
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3569-1
SUSE-SU-2024:3587-1
SUSE-SU-2024:3592-1
SUSE-SU-2024:4100-1
SUSE-SU-2025:0034-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu