PT-2025-8782 · Linux+5 · Linux Kernel+5
Published: 2024-12-10 · Updated: 2026-03-13
CVE-2024-57995
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A read-after-free issue was found in the Linux kernel, specifically in the ath12k wifi module. The problem occurs in the ath12k_mac_assign_vif_to_vdev() function when an arvif is created on a different radio and then deleted, freeing the arvif pointer. A subsequent check involving arvif results in a read-after-free scenario. This issue is resolved by moving the check to after arvif is reassigned via a call to ath12k_mac_assign_link_vif().
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
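The ordering problem from the description, as an added example: a user-space C model, not the ath12k driver's code. The struct, the helper names (assign_link, unassign_link, link_created) and the freed flag are assumptions made for illustration; the model marks the object freed instead of releasing it, so the stale read can be counted safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-in for the driver's per-link state ("arvif"). */
struct link_vif { bool freed, is_created; int radio; };

static struct link_vif pool[4];  /* model allocator: slots are never reused */
static struct link_vif *cur;     /* the link currently assigned, if any */
static int next_slot, stale_reads;

/* Returns the live link if there is one, otherwise creates it on `radio`. */
static struct link_vif *assign_link(int radio)
{
    if (!cur) {
        cur = &pool[next_slot++];
        *cur = (struct link_vif){ .radio = radio };
    }
    return cur;
}

/* Models the delete: the object is marked freed instead of calling free(). */
static void unassign_link(struct link_vif *v) { v->freed = true; cur = NULL; }

/* The check on arvif; the model counts every read of freed state. */
static bool link_created(const struct link_vif *v)
{
    stale_reads += v->freed;
    return v->is_created;
}

/* order_fixed == false: check before reassignment; true: check after it. */
static int assign_vif_to_radio(int old_radio, int new_radio, bool order_fixed)
{
    next_slot = 0; cur = NULL; stale_reads = 0;
    struct link_vif *arvif = assign_link(old_radio);
    arvif->is_created = true;
    if (arvif->radio != new_radio)
        unassign_link(arvif);          /* arvif now dangles */
    if (!order_fixed)
        (void)link_created(arvif);     /* vulnerable order: read after free */
    arvif = assign_link(new_radio);    /* pointer refers to a live object again */
    if (order_fixed)
        (void)link_created(arvif);     /* fixed order: check the live object */
    return stale_reads;
}

int main(void)
{
    printf("stale reads: before fix %d, after fix %d\n",
           assign_vif_to_radio(0, 1, false), assign_vif_to_radio(0, 1, true));
    return 0;
}
```

In a real kernel build, the vulnerable ordering is the kind of access KASAN reports as a use-after-free read.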
Exploit
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Almalinux
Astra Linux
Linux Kernel
Red Hat
Rocky Linux
Suse