Linux Kernel RTLwifi Privileged Data Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's RTLwifi component involves improper management of private data structures, potentially leading to memory corruption. The issue arises because a global list intended to track private data is not correctly maintained; failed probe operations do not remove the associated data, allowing subsequent probes to access freed memory. Although a locking mechanism exists for the list, it is not utilized, creating a risk of race conditions and data corruption during repeated probe attempts.

Impact

Exploitation of this vulnerability could lead to memory corruption by allowing a second probe to access freed memory, potentially causing a use-after-free condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RTLwifi Privileged Data Handling Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating