CVE-2024-50235 Information

Description

In the Linux kernel the following vulnerability has been resolved:

wifi: cfg80211: clear wdev->cqm_config pointer on free

When we free wdev->cqm_config when unregistering we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network namespace then destroyed later running this code again which results in a double-free.

Reference

https://git.kernel.org/stable/c/ba392e1355ba74b1d4fa11b85f71ab6ed7ecc058 https://git.kernel.org/stable/c/6c44abb2d4c3262737d5d67832daebc8cf48b8c9 https://git.kernel.org/stable/c/64e4c45d23cd7f6167f69cc2d2877bc7f54292e5 https://git.kernel.org/stable/c/d5fee261dfd9e17b08b1df8471ac5d5736070917