Linux Kernel WiFi Driver Release Report Validation Vulnerability for RTL8922DE

A vulnerability in the Linux kernel's WiFi driver for Realtek RTL8922DE chips has been addressed. The issue arose because the driver did not properly validate the release report sequence, leading to potential crashes from malformed reports. Although the exact cause of the malformation was unclear, preemptive validation rules were added to prevent crashes by ensuring the release report content is accurate before use.

Impact

The vulnerability could lead to a denial-of-service condition by causing the system to crash when it encounters a malformed release report from the RTL8922DE chip.

Reproduction

The vulnerability can be reproduced by using a Realtek RTL8922DE WiFi chip with the affected Linux kernel version. When the chip sends a release report, the driver may not correctly process it, leading to a crash.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched kernel are available on the official Linux kernel website.