CVE-2024-58062

wifi: iwlwifi: mvm: avoid NULL pointer dereference

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the
pointer is valid (in other words - that the link exists) before
dereferncing it.
Use for_each_vif_active_link that also does the check.

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words - that the link exists) before dereferncing it. Use for_each_vif_active_link that also does the check.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-03-06 CVE Reserved
2025-03-06 CVE Published
2025-03-06 CVE Updated
2025-03-07 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (4)

URL	Tag	Source
https://git.kernel.org/stable/c/2b7ee1a10a72ef8f3df621133ac04e80e8214037	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/fbb563ad5032a07ac83c746ce5c8de5f25b5ffd0	2025-02-08
https://git.kernel.org/stable/c/7f6fb4b7611eb6371c493c42fefad84a1742bcbb	2025-02-08
https://git.kernel.org/stable/c/cf704a7624f99eb2ffca1a16c69183e85544a613	2025-01-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12 < 6.12.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 6.12.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12 < 6.13.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 6.13.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12 < 6.14-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 6.14-rc1"		en		Affected