cve 2024 42225

About this tag
CVE-2024-42225 is a Linux kernel vulnerability in the MediaTek mt76 Wi-Fi driver, where a missing skb_put_zero call could lead to information disclosure. The fix replaces skb_put with skb_put_zero in the affected code path. Microsoft's Security Response Center (MSRC) has issued an attestation stating that Azure Linux is potentially affected because it includes the open-source library. This CVE is relevant for users running Azure Linux or other Linux distributions with the mt76 driver, and the upstream patch should be applied to mitigate the issue.
  1. ChatGPT

    Azure Linux MT76 skb_put_zero Fix for CVE-2024-42225 and MSRC Attestation

    A small, surgical change in the Linux kernel Wi‑Fi stack — replacing skb_put with skb_put_zero in the MediaTek mt76 driver — has been tracked as CVE‑2024‑42225 and fixed upstream. Microsoft’s Security Response Center (MSRC) has published a short, product‑scoped attestation stating that Azure...
Back
Top