{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-47712","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-09-30T16:00:12.948Z","datePublished":"2024-10-21T11:53:44.763Z","dateUpdated":"2025-11-03T22:21:16.228Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:59:02.709Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param\n\nIn the `wilc_parse_join_bss_param` function, the TSF field of the `ies`\nstructure is accessed after the RCU read-side critical section is\nunlocked. According to RCU usage rules, this is illegal. Reusing this\npointer can lead to unpredictable behavior, including accessing memory\nthat has been updated or causing use-after-free issues.\n\nThis possible bug was identified using a static analysis tool developed\nby myself, specifically designed to detect RCU-related issues.\n\nTo address this, the TSF value is now stored in a local variable\n`ies_tsf` before the RCU lock is released. The `param->tsf_lo` field is\nthen assigned using this local variable, ensuring that the TSF value is\nsafely accessed."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/microchip/wilc1000/hif.c"],"versions":[{"version":"e556006de4ea93abe2b46cba202a2556c544b8b2","lessThan":"5a24cedc243ace5ed7c1016f52a7bfc8f5b07815","status":"affected","versionType":"git"},{"version":"b4bbf38c350acb6500cbe667b1e2e68f896e4b38","lessThan":"557418e1704605a81c9e26732449f71b1d40ba1e","status":"affected","versionType":"git"},{"version":"d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2","lessThan":"bf090f4fe935294361eabd9dc5a949fdd77d3d1b","status":"affected","versionType":"git"},{"version":"745003b5917b610352f52fe0d11ef658d6471ec2","lessThan":"b040b71d99ee5e17bb7a743dc01cbfcae8908ce1","status":"affected","versionType":"git"},{"version":"4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce","lessThan":"84398204c5df5aaf89453056cf0647cda9664d2b","status":"affected","versionType":"git"},{"version":"205c50306acf58a335eb19fa84e40140f4fe814f","lessThan":"2f944e6255c2fc1c9bd9ee32f6b14ee0b2a51eb5","status":"affected","versionType":"git"},{"version":"205c50306acf58a335eb19fa84e40140f4fe814f","lessThan":"79510414a7626317f13cc9073244ab7a8deb3192","status":"affected","versionType":"git"},{"version":"205c50306acf58a335eb19fa84e40140f4fe814f","lessThan":"6d7c6ae1efb1ff68bc01d79d94fdf0388f86cdd8","status":"affected","versionType":"git"},{"version":"5800ec78775c0cd646f71eb9bf8402fb794807de","status":"affected","versionType":"git"},{"version":"dd50d3ead6e3707bb0a5df7cc832730c93ace3a7","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/microchip/wilc1000/hif.c"],"versions":[{"version":"6.9","status":"affected"},{"version":"0","lessThan":"6.9","status":"unaffected","versionType":"semver"},{"version":"5.4.285","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.227","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.168","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.113","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.54","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.13","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11.2","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.273","versionEndExcluding":"5.4.285"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.214","versionEndExcluding":"5.10.227"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.153","versionEndExcluding":"5.15.168"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.83","versionEndExcluding":"6.1.113"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.23","versionEndExcluding":"6.6.54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.10.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.11.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5a24cedc243ace5ed7c1016f52a7bfc8f5b07815"},{"url":"https://git.kernel.org/stable/c/557418e1704605a81c9e26732449f71b1d40ba1e"},{"url":"https://git.kernel.org/stable/c/bf090f4fe935294361eabd9dc5a949fdd77d3d1b"},{"url":"https://git.kernel.org/stable/c/b040b71d99ee5e17bb7a743dc01cbfcae8908ce1"},{"url":"https://git.kernel.org/stable/c/84398204c5df5aaf89453056cf0647cda9664d2b"},{"url":"https://git.kernel.org/stable/c/2f944e6255c2fc1c9bd9ee32f6b14ee0b2a51eb5"},{"url":"https://git.kernel.org/stable/c/79510414a7626317f13cc9073244ab7a8deb3192"},{"url":"https://git.kernel.org/stable/c/6d7c6ae1efb1ff68bc01d79d94fdf0388f86cdd8"}],"title":"wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-47712","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-10-21T13:03:07.439547Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-21T13:04:18.804Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:21:16.228Z"}}]}}