CVE-2024-47718
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's rtw88 WiFi driver. If exploited, it could allow local attackers to crash the system or potentially execute arbitrary code. Systems using Realtek rtw88 WiFi chipsets with affected kernel versions are vulnerable.
💻 Affected Systems
- Linux kernel with rtw88 WiFi driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation leading to kernel compromise and full system control
Likely Case
Kernel panic or system crash causing denial of service
If Mitigated
System remains stable with no impact if patched or workaround applied
🎯 Exploit Status
Requires local access and timing conditions during USB WiFi device initialization/failure
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits 0e735a4c6137, 1b8178a2ae27, 7887ad11995a, 9432185540ba, or a0c1e2da652c
Vendor Advisory: https://git.kernel.org/stable/c/0e735a4c6137262bcefe45bb52fde7b1f5fc6c4d
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Reboot system. 3. Verify kernel version and that rtw88 module loads properly.
🔧 Temporary Workarounds
Disable rtw88 module
linuxPrevent loading of vulnerable rtw88 WiFi driver
echo 'blacklist rtw88' | sudo tee /etc/modprobe.d/blacklist-rtw88.conf
sudo rmmod rtw88
sudo update-initramfs -u
Avoid USB WiFi devices using rtw88
linuxUse alternative WiFi hardware not requiring rtw88 driver
🧯 If You Can't Patch
- Restrict physical and local user access to systems with vulnerable configurations
- Monitor for kernel panics or crashes related to WiFi initialization
🔍 How to Verify
Check if Vulnerable:
Check if rtw88 module is loaded and kernel version is before fix: 'lsmod | grep rtw88' and 'uname -r'Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits and rtw88 module loads without issues📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- KASAN use-after-free reports in dmesg
- WiFi initialization failures
Network Indicators:
- Unexpected WiFi disconnections during boot/initialization
SIEM Query:
search 'kernel:.*rtw88.*UAF' OR 'kernel:.*KASAN.*use-after-free.*rtw88' in system logs🔗 References
- https://git.kernel.org/stable/c/0e735a4c6137262bcefe45bb52fde7b1f5fc6c4d
- https://git.kernel.org/stable/c/1b8178a2ae272256ea0dc4f940320a81003535e2
- https://git.kernel.org/stable/c/7887ad11995a4142671cc49146db536f923c8568
- https://git.kernel.org/stable/c/9432185540bafd42b7bfac6e6ef2f0a0fb4be447
- https://git.kernel.org/stable/c/a0c1e2da652cf70825739bc12d49ea15805690bf
- https://git.kernel.org/stable/c/ceaab3fb64d6a5426a3db8f87f3e5757964f2532
- https://git.kernel.org/stable/c/e9a78d9417e167410d6fb83c4e908b077ad8ba6d
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
