Read-After-Free Vulnerability in Linux Kernel's ath12k WLAN Driver
CVE-2024-57995

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2024-57995?

A read-after-free vulnerability exists in the ath12k WLAN driver within the Linux kernel. This issue arises when an arbitrary virtual interface (arvif) is assigned to a different radio and subsequently gets deleted. During the deletion, the arvif pointer is freed, leading to a situation where a check involving the arvif pointer can result in accessing invalid memory. The issue has been resolved by adjusting the order of operations to ensure that the pointer check occurs after it is properly reassigned, thus eliminating the risk of unintended memory access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux b5068bc9180d06a5ac242b0f9263047c14f86211 < 57100b87c77818cb0d582a92e5cb32fff85c757d

Linux b5068bc9180d06a5ac242b0f9263047c14f86211

Linux b5068bc9180d06a5ac242b0f9263047c14f86211 < 5a10971c7645a95f5d5dc23c26fbac4bf61801d0

References

https://git.kernel.org/stable/c/57100b87c77818cb0d582a92e...

https://git.kernel.org/stable/c/f3a95a312419e4f1e99252591...

https://git.kernel.org/stable/c/5a10971c7645a95f5d5dc23c2...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Feb 27, 2025

JSON

Linux

What is CVE-2024-57995?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.