Linux Kernel DC-2024-53074 (Medium)

2024-11-25

:

This CVE details a vulnerability in the Linux kernel’s iwlwifi driver related to Access Point (AP) management. The issue заключается (zaklyuchaetsya – means “lies” in Russian) in the driver not properly releasing resources when an AP is stopped, preventing it from being restarted. This impacts devices that don’t support the MLD API (mostly those older than Intel 9260).

Vulnerability Details:

Platform: Linux Kernel
Version: Not specified (likely impacts multiple versions)
Vulnerability: Improper resource handling in iwlwifi driver during AP stop/start
Severity: Medium (CVSS 3.x Base Score: 5.5)
Date: November 19, 2024 (published by NIST)

What Undercode Says:

This CVE seems to be a functionality issue rather than a security vulnerability in the traditional sense. An attacker cannot exploit this to gain unauthorized access to a system. However, it can cause denial-of-service (DoS) by preventing a legitimate user from restarting an AP. Users of affected devices (mostly older Intel Wi-Fi chipsets) should update their kernels to a patched version as soon as possible.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top