PT-2025-3624 · Linux+4 · Linux Kernel+4

Published

2024-11-25

·

Updated

2026-05-26

·

CVE-2024-57899

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74
Description The issue is related to the wifi mac80211 component in the Linux kernel, where the size of an unsigned long is 4 bytes on 32-bit systems, while a u64 is 8 bytes. This leads to incorrect bit finding when using or each set bit(bit, &bits, sizeof(changed) * BITS PER BYTE). The solution involves ensuring the size of the bits variable is correctly adjusted for each architecture. A call trace is provided, showing the sequence of function calls leading to the issue, including ieee80211 link info change notify, report bug, and handle bug.
Recommendations To resolve the issue, update to Linux kernel version 6.6.74 or later. As a temporary workaround, consider restricting the use of the wifi mac80211 component on 32-bit systems until a patch is available.

Exploit

Fix

Weakness Enumeration

CWE-681

Related Identifiers

AZL-68576
BDU:2025-03523
CVE-2024-57899
ECHO-C7AE-8939-6338
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1285
OESA-2025-1286
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:0565-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1

Affected Products

Debian
Linuxmint
Linux Kernel
Suse
Ubuntu