CVE-2024-46825

MEDIUM EPSS 13.7%
Published Sep 27, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 27, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is normally called with input from the firmware, so it should use IWL_FW_CHECK() instead of WARN_ON().

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥6.6  –  <6.6.51
linuxlinux_kernel*≥6.7  –  <6.10.10

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3cca098c91391b3fa48142bfda57048b985c87f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/415f3634d53c7fb4cf07d2f5a0be7f2e15e6da33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9215152677d4b321801a92b06f6d5248b2b4465f
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3cca098c91391b3fa48142bfda57048b985c87f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/415f3634d53c7fb4cf07d2f5a0be7f2e15e6da33
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9215152677d4b321801a92b06f6d5248b2b4465f
    Patch