VYPR
Unrated severityNVD Advisory· Published Oct 21, 2024· Updated May 4, 2025

mac802154: Fix potential RCU dereference issue in mac802154_scan_worker

CVE-2024-50005

Description

In the Linux kernel, the following vulnerability has been resolved:

mac802154: Fix potential RCU dereference issue in mac802154_scan_worker

In the mac802154_scan_worker function, the scan_req->type field was accessed after the RCU read-side critical section was unlocked. According to RCU usage rules, this is illegal and can lead to unpredictable behavior, such as accessing memory that has been updated or causing use-after-free issues.

This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues.

To address this, the scan_req->type value is now stored in a local variable scan_req_type while still within the RCU read-side critical section. The scan_req_type is then used after the RCU lock is released, ensuring that the type value is safely accessed without violating RCU rules.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.