PT-2024-7621 · Linux+1 · Linux Kernel+1

Published: 2024-06-27 · Updated: 2026-04-20 · CVE-2024-43844

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.30-02659-gc18865c4dfbd

Description

The vulnerability is related to the wifi component of the Linux kernel, specifically the rtw89 module. It is caused by a mistake in the allocation of memory for the skb (socket buffer) structure, which can lead to a buffer overflow and potentially cause a denial-of-service (DoS) condition. The issue is triggered when the skb is too large and exceeds the end of the buffer, causing a panic in the kernel. The vulnerability can be exploited by an attacker to cause a system crash or potentially execute arbitrary code.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix for the vulnerability, which is version 6.6.30-02659-gc18865c4dfbd or later. If an update is not available, consider disabling the rtw89 module or restricting its use to minimize the risk of exploitation. Additionally, ensure that the system is configured to prevent unauthorized access and that any unnecessary services or modules are disabled.

Exploit

Fix

Weakness Enumeration

Allocation of Resources Without Limits

Related Identifiers

BDU:2024-09027
CVE-2024-43844

Affected Products

Astra Linux
Linux Kernel