CVE-2024-57898

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue concerns the Linux kernel's wifi functionality, specifically the cfg80211 module. During link deletion, the link ID is removed from the valid links bitmap before cleanup operations, which causes problems for functions like cfg80211 cac event() that require the link ID to remain in the bitmap. This results in a WARN ON() being triggered. The flow of functions involved includes nl80211 remove link(), cfg80211 remove link(), ieee80211 del intf link(), ieee80211 vif set links(), ieee80211 vif update links(), ieee80211 link stop(), and cfg80211 cac event().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-672

Related Identifiers

AZL-62705

AZL-68573

BDU:2025-03514

CVE-2024-57898

ECHO-A225-C31A-FB58

INFSA-2025_6966

RHSA-2025:6966

RHSA-2025_6966

USN-7379-1

USN-7379-2

USN-7380-1

USN-7381-1

USN-7382-1

USN-7513-1

USN-7513-2

USN-7513-3

USN-7513-4

USN-7513-5

USN-7514-1

USN-7515-1

USN-7515-2

USN-7522-1

USN-7523-1

USN-7524-1

Affected Products

Debian

Linuxmint

Linux Kernel

Red Hat

Ubuntu

CVE-2024-57898

Weakness Enumeration

Related Identifiers

Affected Products

References · 829