{"id":"CVE-2024-47712","summary":"wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param\n\nIn the `wilc_parse_join_bss_param` function, the TSF field of the `ies`\nstructure is accessed after the RCU read-side critical section is\nunlocked. According to RCU usage rules, this is illegal. Reusing this\npointer can lead to unpredictable behavior, including accessing memory\nthat has been updated or causing use-after-free issues.\n\nThis possible bug was identified using a static analysis tool developed\nby myself, specifically designed to detect RCU-related issues.\n\nTo address this, the TSF value is now stored in a local variable\n`ies_tsf` before the RCU lock is released. The `param-\u003etsf_lo` field is\nthen assigned using this local variable, ensuring that the TSF value is\nsafely accessed.","modified":"2026-03-20T12:38:05.220183Z","published":"2024-10-21T11:53:44.763Z","related":["MGASA-2024-0344","MGASA-2024-0345","SUSE-SU-2024:3984-1","SUSE-SU-2024:3986-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47712.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2f944e6255c2fc1c9bd9ee32f6b14ee0b2a51eb5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/557418e1704605a81c9e26732449f71b1d40ba1e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5a24cedc243ace5ed7c1016f52a7bfc8f5b07815"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6d7c6ae1efb1ff68bc01d79d94fdf0388f86cdd8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/79510414a7626317f13cc9073244ab7a8deb3192"},{"type":"WEB","url":"https://git.kernel.org/stable/c/84398204c5df5aaf89453056cf0647cda9664d2b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b040b71d99ee5e17bb7a743dc01cbfcae8908ce1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bf090f4fe935294361eabd9dc5a949fdd77d3d1b"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47712.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47712"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e556006de4ea93abe2b46cba202a2556c544b8b2"},{"fixed":"5a24cedc243ace5ed7c1016f52a7bfc8f5b07815"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b4bbf38c350acb6500cbe667b1e2e68f896e4b38"},{"fixed":"557418e1704605a81c9e26732449f71b1d40ba1e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"},{"fixed":"bf090f4fe935294361eabd9dc5a949fdd77d3d1b"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"745003b5917b610352f52fe0d11ef658d6471ec2"},{"fixed":"b040b71d99ee5e17bb7a743dc01cbfcae8908ce1"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"},{"fixed":"84398204c5df5aaf89453056cf0647cda9664d2b"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"205c50306acf58a335eb19fa84e40140f4fe814f"},{"fixed":"2f944e6255c2fc1c9bd9ee32f6b14ee0b2a51eb5"},{"fixed":"79510414a7626317f13cc9073244ab7a8deb3192"},{"fixed":"6d7c6ae1efb1ff68bc01d79d94fdf0388f86cdd8"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"5800ec78775c0cd646f71eb9bf8402fb794807de"},{"last_affected":"dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47712.json"}}],"schema_version":"1.7.5"}