CVE-2024-57990

7.8 HIGH

📋 TL;DR

This CVE describes an off-by-one vulnerability in the mt7925 WiFi driver in the Linux kernel that could allow an attacker with local access to cause an out-of-bounds read/write. The vulnerability affects systems using MediaTek MT7925 WiFi chips with vulnerable kernel versions. Attackers could potentially escalate privileges or crash the system.

💻 Affected Systems

Products:
  • Linux kernel with MediaTek MT7925 WiFi driver
Versions: Linux kernel versions with vulnerable mt76 driver before fixes in stable commits 08fa656c91fd5fdf47ba393795b9c0d1e97539ed, 2d1628d32300e4f67ac0b7409cbfa7b912a8fe9d, d03b8fe1b518fc2ea2d82588e905f56d80cd64b2
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable if mt7925 WiFi driver module is loaded and in use.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation leading to full system compromise, kernel memory corruption, or system crash/DoS.

🟠 Likely Case: Kernel panic or system crash requiring reboot, potentially leading to denial of service.

🟢 If Mitigated: No impact if patched or if the vulnerable driver module is not loaded.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly reachable from internet.
🏢 Internal Only: MEDIUM - Local attackers or malicious insiders could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of kernel exploitation techniques. No public exploit available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel versions containing the stable commits listed in references

Vendor Advisory: https://git.kernel.org/stable/c/08fa656c91fd5fdf47ba393795b9c0d1e97539ed

Restart Required: No

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. For distributions: Use package manager to update kernel package.
3. Rebuild kernel if using custom kernel.
4. No reboot required if using kernel live patching.

🔧 Temporary Workarounds

Disable mt7925 WiFi module

Prevent loading of vulnerable driver module

echo 'blacklist mt7925e' >> /etc/modprobe.d/blacklist-mt7925.conf
rmmod mt7925e

🧯 If You Can't Patch

  • Restrict local access to systems using principle of least privilege
  • Implement kernel module signing and secure boot to prevent unauthorized module loading

🔍 How to Verify

Check if Vulnerable:

Check if mt7925e module is loaded: lsmod | grep mt7925e. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Check dmesg for any mt7925-related errors after driver usage.
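
The module checks above can be scripted. The following is an added example, not part of the original advisory: it reads a /proc/modules-style file and one modprobe.d directory and reports whether mt7925e is loaded, only blacklisted, or blocked by an install directive. The function names and sample files are constructed for illustration; note that a blacklist line suppresses automatic loading but does not stop an explicit modprobe.

```shell
#!/bin/sh
# Added example: classify a host's exposure to the mt7925e module.
# Paths default to the live system; the demo below uses constructed files.
MOD=mt7925e

# Succeeds if the module appears in a /proc/modules-format file.
module_loaded() {
    grep -q "^${MOD}[[:space:]]" "$1" 2>/dev/null
}

# Prints which modprobe.d directive (if any) covers the module:
#   install   -> "install mt7925e /bin/false" (or /bin/true): modprobe cannot load it
#   blacklist -> alias-based autoload suppressed, explicit modprobe still works
#   none      -> no restriction configured in this directory
modprobe_policy() {
    dir=$1
    if cat "$dir"/*.conf 2>/dev/null |
        grep -Eq "^[[:space:]]*install[[:space:]]+${MOD}[[:space:]]+/bin/(false|true)"; then
        echo install
    elif cat "$dir"/*.conf 2>/dev/null |
        grep -Eq "^[[:space:]]*blacklist[[:space:]]+${MOD}([[:space:]]|\$)"; then
        echo blacklist
    else
        echo none
    fi
}

# Combines both checks into a single verdict line.
mt7925_exposure() {
    modules=${1:-/proc/modules}
    dir=${2:-/etc/modprobe.d}
    policy=$(modprobe_policy "$dir")
    if module_loaded "$modules"; then
        echo "LOADED policy=$policy"      # driver active: patch or unload it
    elif [ "$policy" = install ]; then
        echo "BLOCKED policy=$policy"     # modprobe will refuse to load it
    else
        echo "LOADABLE policy=$policy"    # not loaded now, but can still load
    fi
}

# Constructed sample input (not from a real host), so the demo runs offline.
demo=$(mktemp -d)
printf 'mt7925e 24576 0 - Live 0x0000000000000000\n' > "$demo/modules"
printf 'mt76 131072 1 mt7925e, Live 0x0000000000000000\n' >> "$demo/modules"
printf 'blacklist mt7925e\n' > "$demo/blacklist-mt7925.conf"
mt7925_exposure "$demo/modules" "$demo"
```

On a real host, call mt7925_exposure with no arguments to read /proc/modules and /etc/modprobe.d.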

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages in dmesg
  • System crashes/panics related to mt76 or mt7925 driver

Network Indicators:

  • Unexpected WiFi disconnections on affected hardware

SIEM Query:

search 'kernel: BUG:' OR 'kernel: Oops:' OR 'mt7925' in system logs

🔗 References
