You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2024 42225
About this tag
CVE-2024-42225 is a Linux kernel vulnerability in the MediaTek mt76 Wi-Fi driver, where a missing skb_put_zero call could lead to information disclosure. The fix replaces skb_put with skb_put_zero in the affected code path. Microsoft's Security Response Center (MSRC) has issued an attestation stating that Azure Linux is potentially affected because it includes the open-source library. This CVE is relevant for users running Azure Linux or other Linux distributions with the mt76 driver, and the upstream patch should be applied to mitigate the issue.
A small, surgical change in the Linux kernel Wi‑Fi stack — replacing skb_put with skb_put_zero in the MediaTek mt76 driver — has been tracked as CVE‑2024‑42225 and fixed upstream. Microsoft’s Security Response Center (MSRC) has published a short, product‑scoped attestation stating that Azure...