{"uuid": "ab739760-dcb0-435b-afef-81cf719d2318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57898", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1753", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57898\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: clear link ID from bitmap during link delete after clean up\n\nCurrently, during link deletion, the link ID is first removed from the\nvalid_links bitmap before performing any clean-up operations. However, some\nfunctions require the link ID to remain in the valid_links bitmap. One\nsuch example is cfg80211_cac_event(). The flow is -\n\nnl80211_remove_link()\n    cfg80211_remove_link()\n        ieee80211_del_intf_link()\n            ieee80211_vif_set_links()\n                ieee80211_vif_update_links()\n                    ieee80211_link_stop()\n                        cfg80211_cac_event()\n\ncfg80211_cac_event() requires link ID to be present but it is cleared\nalready in cfg80211_remove_link(). Ultimately, WARN_ON() is hit.\n\nTherefore, clear the link ID from the bitmap only after completing the link\nclean-up.\n\ud83d\udccf Published: 2025-01-15T13:05:49.718Z\n\ud83d\udccf Modified: 2025-01-15T13:05:49.718Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/ae07daf440d3220d0986e676317a5da66e4f9dfd\n2. https://git.kernel.org/stable/c/b5c32ff6a3a38c74facdd1fe34c0d709a55527fd", "creation_timestamp": "2025-01-15T14:22:18.000000Z"}