CVE-2024-46672

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published: Sep 11, 2024
Updated: Sep 13, 2024
CWE ID: 476

Summary

CVE-2024-46672 is a vulnerability in the Linux kernel affecting products that use the brcmfmac driver, particularly those listed under affected products. The issue is a NULL pointer dereference that occurs when the driver handles SSID-based PMKSA deletion commands from wpa_supplicant 2.11, and it can potentially lead to system crashes. To remediate this vulnerability, apply the patches available through the links in the references. The vulnerability has a medium severity rating, with a high availability impact, so the main risk is service disruption. Exploitation requires low privileges and no user interaction, and the threat comes primarily through local access to affected systems.
