PT-2025-3673 · Linux+7 · Linux Kernel+7

Syzbot · Published 2024-11-13 · Updated 2025-10-03 · CVE-2024-57948

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.15.177, 6.1.127, 6.6.74, and 6.12.11

Description

The issue is related to the ieee802154_if_remove() function in the Linux kernel, which is responsible for removing an IEEE 802.15.4 network interface. The problem arises due to insufficient input validation, leading to a corrupted list and potential denial-of-service. The vulnerability can be exploited by removing an IEEE 802.15.4 network interface after unregistering an IEEE 802.15.4 hardware device from the system. Technical details include the list_del(&sdata->list) and ieee802154_if_remove() functions, as well as the genl_family_rcv_msg_doit() and ieee802154_del_iface() functions.

Recommendations

To resolve the issue, update the Linux kernel to version 5.15.177, 6.1.127, 6.6.74, or 6.12.11, or later. As a temporary workaround, consider adding a check for local interfaces before deleting the sdata list in the ieee802154_if_remove() function. Restrict access to the ieee802154_if_remove() function to minimize the risk of exploitation. Avoid using the list_del(&sdata->list) function in the affected API endpoint until the issue is resolved.
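
The following user-space model is an added example, not kernel code and not part of the original advisory. It replays the sequence from the description (hardware unregistered, then interface removed) and shows why a check on the local interface list before the delete avoids the corrupted-list condition. The struct layouts, helper names and poison values are simplified stand-ins, and it assumes that unregistering the hardware has already unlinked every interface from the list.

```c
#include <stddef.h>
#include <stdio.h>

/* User-space model of the kernel's circular doubly linked list. */
struct list_head { struct list_head *next, *prev; };
#define POISON1 ((struct list_head *)0x100) /* stand-ins for the kernel's poison values */
#define POISON2 ((struct list_head *)0x122)

struct local { struct list_head interfaces; };              /* hypothetical layout */
struct sdata { struct list_head list; struct local *local; }; /* hypothetical layout */

static void list_init(struct list_head *h) { h->next = h->prev = h; }
static int list_empty(const struct list_head *h) { return h->next == h; }
static void list_add(struct list_head *n, struct list_head *h) {
    n->next = h->next; n->prev = h; h->next->prev = n; h->next = n;
}
/* Returns 0 on success, -1 if the entry was already unlinked (list corruption). */
static int list_del_checked(struct list_head *e) {
    if (e->next == POISON1 || e->prev == POISON2) return -1;
    e->prev->next = e->next; e->next->prev = e->prev;
    e->next = POISON1; e->prev = POISON2;
    return 0;
}
/* Assumption: hardware unregistration unlinks every interface from the list. */
static void unregister_hw(struct local *l) {
    while (!list_empty(&l->interfaces)) list_del_checked(l->interfaces.next);
}
/* Pre-fix model: delete the entry unconditionally. */
static int if_remove_unguarded(struct sdata *s) { return list_del_checked(&s->list); }
/* Mitigated model: skip the delete when no local interfaces remain. */
static int if_remove_guarded(struct sdata *s) {
    if (list_empty(&s->local->interfaces)) return 0;
    return list_del_checked(&s->list);
}
/* Replays: add interface, optionally unregister hardware, then remove interface. */
static int replay(int guarded, int unregister_first) {
    struct local l; struct sdata s = { .local = &l };
    list_init(&l.interfaces);
    list_add(&s.list, &l.interfaces);
    if (unregister_first) unregister_hw(&l);
    return guarded ? if_remove_guarded(&s) : if_remove_unguarded(&s);
}
int main(void) {
    printf("unguarded after unregister: %d\n", replay(0, 1));
    printf("guarded after unregister:   %d\n", replay(1, 1));
    printf("guarded, normal removal:    %d\n", replay(1, 0));
    return 0;
}
```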

Exploit

Fix

NULL Pointer Dereference

RCE

Weakness Enumeration

Related Identifiers

ALT-PU-2025-12647
BDU:2025-01483
CVE-2024-57948
DLA-4075-1
DLA-4076-1
DSA-5860-1
OESA-2025-2077
OESA-2025-2078
OESA-2025-2079
OPENSUSE-SU-2025_0833-1
OPENSUSE-SU-2025_0835-1
OPENSUSE-SU-2025_0847-1
OPENSUSE-SU-2025_0853-1
OPENSUSE-SU-2025_0856-1
OPENSUSE-SU-2025_0955-1
SUSE-SU-2025:0784-1
SUSE-SU-2025:0833-1
SUSE-SU-2025:0833-2
SUSE-SU-2025:0835-1
SUSE-SU-2025:0847-1
SUSE-SU-2025:0853-1
SUSE-SU-2025:0856-1
SUSE-SU-2025:0945-1
SUSE-SU-2025:0955-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_0833-1
SUSE-SU-2025_0833-2
SUSE-SU-2025_0835-1
SUSE-SU-2025_0847-1
SUSE-SU-2025_0856-1
SUSE-SU-2025_0955-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7391-1
USN-7392-1
USN-7392-2
USN-7392-3
USN-7392-4
USN-7393-1
USN-7401-1
USN-7407-1
USN-7413-1
USN-7421-1
USN-7445-1
USN-7448-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7463-1
USN-7539-1
USN-7540-1
USN-7595-1
USN-7595-2
USN-7595-3
USN-7595-4
USN-7595-5
USN-7596-1
USN-7596-2
USN-7653-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu