Linux Kernel Vulnerability in RTW89 WiFi Driver by Developer Community
CVE-2024-57991

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

The Linux kernel has a vulnerability in the RTW89 WiFi driver that can lead to a soft lockup under certain conditions during the channel management process. Specifically, in the rtw89_entity_recalc_mgnt_roles() function, a flaw in the process of normalizing the list can prevent it from terminating correctly, allowing the outer loop to continue even after a match is found. This can result in a situation where the CPU appears to be unresponsive for an extended period, leading to performance degradation. The issue has been addressed by modifying the control flow to ensure the termination of the loop when necessary.

Affected Version(s)

Linux 0007546cb406be0dddf3d43f07683825affc6d4d < 223ba95fdcd3c6090e2bd51dce66abb6dd4f9df9

Linux 68ec751b288178de7d19b71ea61648269a35b8cd < 01d2d34e9fcc9897081c3c16a666f793c8a38c58

Linux 68ec751b288178de7d19b71ea61648269a35b8cd

References

https://git.kernel.org/stable/c/223ba95fdcd3c6090e2bd51dc...

https://git.kernel.org/stable/c/01d2d34e9fcc9897081c3c16a...

https://git.kernel.org/stable/c/e4790b3e314a4814f1680a5dc...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Feb 27, 2025