Linux Kernel Vulnerability in RTW89 WiFi Driver by Developer Community
CVE-2024-57991

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

What is CVE-2024-57991?

The Linux kernel has a vulnerability in the RTW89 WiFi driver that can lead to a soft lockup under certain conditions during the channel management process. Specifically, in the rtw89_entity_recalc_mgnt_roles() function, a flaw in the process of normalizing the list can prevent it from terminating correctly, allowing the outer loop to continue even after a match is found. This can result in a situation where the CPU appears to be unresponsive for an extended period, leading to performance degradation. The issue has been addressed by modifying the control flow to ensure the termination of the loop when necessary.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0007546cb406be0dddf3d43f07683825affc6d4d < 223ba95fdcd3c6090e2bd51dce66abb6dd4f9df9

Linux 68ec751b288178de7d19b71ea61648269a35b8cd < 01d2d34e9fcc9897081c3c16a666f793c8a38c58

Linux 68ec751b288178de7d19b71ea61648269a35b8cd

References

https://git.kernel.org/stable/c/223ba95fdcd3c6090e2bd51dc...
https://git.kernel.org/stable/c/01d2d34e9fcc9897081c3c16a...
https://git.kernel.org/stable/c/e4790b3e314a4814f1680a5dc...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.