CVE-2024-47712

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58

Description A potential RCU dereference issue was identified in the wilc parse join bss param function, where the TSF field of the ies structure is accessed after the RCU read-side critical section is unlocked. This can lead to unpredictable behavior, including accessing memory that has been updated or causing use-after-free issues. The issue was detected using a static analysis tool designed to identify RCU-related problems. To address this, the TSF value is now stored in a local variable ies tsf before the RCU lock is released, ensuring safe access to the TSF value.

Recommendations For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider applying the fix manually by storing the TSF value in a local variable before releasing the RCU lock, similar to the solution implemented in version 6.6.58.