PT-2024-8303 · Linux+5 · Linux Kernel+5
Alexis Lothoré · Published 2024-01-12 · Updated 2025-02-03 · CVE-2024-27053
CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.7.0-rc1-wt+
Description
The issue arises from incorrect RCU usage in the connect path of the wifi component, specifically in the wilc_parse_join_bss_param() function. When lockdep is enabled, calls to the connect function from the cfg80211 layer lead to a warning about suspicious RCU usage. This warning is emitted because the code dereferences an RCU pointer without being in an RCU critical section. The fix involves moving the RCU dereference into an RCU read critical section to avoid this issue.
Recommendations
To resolve this issue, update the Linux kernel to a version that includes the fix for the RCU usage in the connect path. Specifically, versions 6.7.0-rc1-wt and later should include this fix. If updating is not immediately possible, consider manually applying the patch that moves the RCU dereference into an RCU read critical section. However, this should be done with caution and only by experienced developers or system administrators.
At the moment, there is no information about other workarounds or mitigation measures for this specific issue.
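The pattern named in the description, shown as an added userspace model (not the kernel's code and not part of the original entry): a dereference made before the read-side critical section is reported, while the same dereference moved inside it is not. Every `model_*` name, the struct layout, the counters and the placement of the critical section in the "before" function are assumptions made for this example.

```c
#include <stdio.h>
#include <stddef.h>

/* Userspace model only; all names are hypothetical. rcu_depth stands in
 * for RCU read-side state, lockdep_warnings for lockdep's reports. */
static int rcu_depth, lockdep_warnings;
static void model_rcu_read_lock(void)   { rcu_depth++; }
static void model_rcu_read_unlock(void) { rcu_depth--; }

/* Models rcu_dereference() under lockdep: count a caller that is not
 * in a read-side critical section, then hand back the pointer anyway. */
static const void *model_rcu_dereference(const void *p)
{
    if (rcu_depth == 0)
        lockdep_warnings++;   /* lockdep would print "suspicious RCU usage" */
    return p;
}

struct model_ies { size_t len; };                  /* constructed stand-in */
struct model_bss { const struct model_ies *ies; }; /* RCU-managed pointer */

/* Before: the dereference runs ahead of the critical section. */
static int parse_before_fix(const struct model_bss *bss, size_t *len)
{
    lockdep_warnings = 0;
    const struct model_ies *ies = model_rcu_dereference(bss->ies);
    model_rcu_read_lock();
    *len = ies->len;
    model_rcu_read_unlock();
    return lockdep_warnings;
}

/* After: the dereference and every use of its result sit inside it. */
static int parse_after_fix(const struct model_bss *bss, size_t *len)
{
    lockdep_warnings = 0;
    model_rcu_read_lock();
    const struct model_ies *ies = model_rcu_dereference(bss->ies);
    *len = ies->len;
    model_rcu_read_unlock();
    return lockdep_warnings;
}

int main(void)
{
    struct model_ies ies = { 42 };      /* constructed sample input */
    struct model_bss bss = { &ies };
    size_t n;
    printf("before: %d warning(s)\n", parse_before_fix(&bss, &n));
    printf("after:  %d warning(s)\n", parse_after_fix(&bss, &n));
    return 0;
}
```

In a real kernel the read-side section is also what keeps the pointed-to object from being freed while it is used, so values needed afterwards are copied out before unlocking.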
Exploit
Fix
DoS
NULL Pointer Dereference
Improper Locking
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu