CVE-2024-57989
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links In mt7925_change_vif_links() devm_kzalloc() may return NULL but this returned value is not checked.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Description kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links CVSS v3: 4.4 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 10kernel-0:6.12.0-124.8.1.el10_1RHSA-2025:200952025-11-11T00:00:00Z Red Hat Enterprise Linux 9kernel-0:5.14.0-611.5.1.el9_7RHSA-2025:205182025-11-11T00:00:00Z Red Hatβ¦
Description
kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links
CVSS v3: 4.4 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | kernel-0:6.12.0-124.8.1.el10_1 | RHSA-2025:20095 | 2025-11-11T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-611.5.1.el9_7 | RHSA-2025:20518 | 2025-11-11T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-611.5.1.el9_7 | RHSA-2025:20518 | 2025-11-11T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected |
| Red Hat Enterprise Linux 7 | kernel | Not affected |
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected |
| Red Hat Enterprise Linux 8 | kernel | Not affected |
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected |
| Red Hat Enterprise Linux 9 | kernel-rt | Will not fix |
Apply commands
yum update -y kernel
# or:
dnf upgrade -y kernelAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 6 | Not affected |
| redhat | Red Hat Enterprise Linux 7 | Not affected |
| redhat | Red Hat Enterprise Linux 7 | Not affected |
| redhat | Red Hat Enterprise Linux 8 | Not affected |
| redhat | Red Hat Enterprise Linux 8 | Not affected |
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| β | Affected | β |
AlmaLinux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | kernel-doc-5.14.0-611.5.1.el9_7.noarch.rpm |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 6.12.13-1 |
| sid | Fixed | 6.12.13-1 |
| forky | Fixed | 6.12.13-1 |
| bullseye | Fixed | 0 |
| bookworm | Fixed | 0 |
Red Hat Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | β |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | β |
References
- https://access.redhat.com/errata/RHSA-2025:20518
- https://www.suse.com/security/cve/CVE-2024-57989.html
- https://errata.rockylinux.org/RLSA-2025:20518
- https://security-tracker.debian.org/tracker/CVE-2024-57989
- https://bugzilla.redhat.com/2298169
- https://bugzilla.redhat.com/2312077
- https://bugzilla.redhat.com/2313092
- https://bugzilla.redhat.com/2320172
- https://bugzilla.redhat.com/2320259
- https://bugzilla.redhat.com/2320455
- https://bugzilla.redhat.com/2320616
- https://bugzilla.redhat.com/2320722
- https://bugzilla.redhat.com/2324549
- https://bugzilla.redhat.com/2327203
- https://bugzilla.redhat.com/2327374
- https://bugzilla.redhat.com/2327887
- https://bugzilla.redhat.com/2329918
- https://bugzilla.redhat.com/2330341
- https://bugzilla.redhat.com/2331326
- https://bugzilla.redhat.com/2334357
- https://bugzilla.redhat.com/2334396
- https://bugzilla.redhat.com/2334415
- https://bugzilla.redhat.com/2334439
- https://bugzilla.redhat.com/2334537
- https://bugzilla.redhat.com/2334547
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.