CVE-2024-57948NULL Pointer Dereference in Linux

CWE-476NULL Pointer DereferenceCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer67 documents6 sources
Severity
5.5MEDIUMNVD
OSV7.8OSV5.9
EPSS
0.0%
top 90.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedJan 31
Latest updateJul 17

Description

In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardware device from the system. CPU0 CPU1 ==== ==== genl_family_rcv_msg_doit ieee802154_unregister_hw ieee802154_del_iface ieee802154_remove_interfaces rdev_del_virtual_intf_deprecated list_del(&sdata->list) ieee802154_if_rem

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel5.55.10.234+6
Debianlinux/linux_kernel< 5.10.234-1+3
Ubuntulinux/linux_kernel< 5.4.0-211.231+2
CVEListV5linux/linux62610ad21870a8cf842d4a48f07c3a964e1d26220d11dc30edfc4acef0acef130bb5ca596317190a+7
debiandebian/linux< linux 6.1.128-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

34
OSV
linux-hwe-6.8 vulnerabilities2025-07-17
OSV
linux-gcp, linux-gcp-6.8 vulnerabilities2025-06-30
OSV
linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities2025-06-26
OSV
linux-raspi-realtime vulnerabilities2025-06-25
OSV
linux-azure-nvidia vulnerabilities2025-06-25

📋Vendor Advisories

32
Ubuntu
Linux kernel (HWE) vulnerabilities2025-07-17
Ubuntu
Linux kernel vulnerabilities2025-06-30
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities2025-06-25
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-06-25
Ubuntu
Linux kernel (Azure) vulnerabilities2025-06-24