
CVE-2024-44997: Vulnerability in Linux Linux

High
Published: Wed Sep 04 2024 (09/04/2024, 19:54:42 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()

When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X.

Previously, cb_priv was freed in mtk_wed_setup_tc_block() without marking NULL, and mtk_wed_setup_tc_block_cb() didn't check the value, too.

Assign NULL after free cb_priv in mtk_wed_setup_tc_block() and check NULL in mtk_wed_setup_tc_block_cb().

----------
Unable to handle kernel paging request at virtual address 0072460bca32b4f5
Call trace:
 mtk_wed_setup_tc_block_cb+0x4/0x38
 0xffffffc0794084bc
 tcf_block_playback_offloads+0x70/0x1e8
 tcf_block_unbind+0x6c/0xc8
...
---------

AI-Powered Analysis

Last updated: 06/28/2025, 23:39:40 UTC

Technical Analysis

CVE-2024-44997 is a use-after-free vulnerability in the Linux kernel's MediaTek Wireless Ethernet Driver (mtk_wed), specifically affecting the function mtk_wed_setup_tc_block_cb(). The issue arises when multiple access point (AP) interfaces operate on the same wireless band with Wireless Ethernet Driver (WED) enabled. Under these conditions, shutting down one of the interfaces triggers a kernel panic on devices using the MT798X chipset.

The root cause is that the callback private data pointer (cb_priv) is freed in mtk_wed_setup_tc_block() without being set to NULL afterward, and mtk_wed_setup_tc_block_cb() does not check cb_priv before dereferencing it. The callback can therefore run on memory that has already been freed. This use-after-free results in an invalid kernel memory access, causing a kernel panic and potential denial of service. The vulnerability is specific to the MediaTek MT798X platform integrated into the Linux kernel's networking stack.

The patch assigns NULL to cb_priv immediately after freeing it and adds a NULL check in the callback function to prevent dereferencing freed memory. The kernel panic trace shows the failure occurs during traffic control block operations, indicating the vulnerability impacts network interface management when multiple AP interfaces coexist on the same band with WED enabled. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
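The free-without-NULL pattern and the two-part fix described above, as an added user-space C model (not the kernel's code and not part of the original advisory). All names, the static pool whose "live" flag stands in for freed memory, and the -EOPNOTSUPP return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
/* Constructed user-space model; every name here is hypothetical, not the kernel's. */
struct cb_priv { int live; int dev_id; };      /* live == 0 models freed memory */
struct block_cb { struct cb_priv *cb_priv; };  /* registration the callback is replayed from */
#define STALE_ACCESS (-1000)                   /* model's marker: freed memory was read */
static struct cb_priv pool[1];                 /* static arena, so "free" is only a flag */

static void bind_block(struct block_cb *b, int dev_id)
{
    pool[0] = (struct cb_priv){ 1, dev_id };
    b->cb_priv = &pool[0];
}

/* Unbind as described before the fix: memory released, pointer left dangling. */
static void unbind_unpatched(struct block_cb *b) { b->cb_priv->live = 0; }

/* Unbind after the fix: release, then assign NULL. */
static void unbind_patched(struct block_cb *b)
{
    if (b->cb_priv)
        b->cb_priv->live = 0;
    b->cb_priv = NULL;
}

/* Callback before the fix: uses cb_priv without checking it (never pass NULL here). */
static int cb_unpatched(void *cb_priv)
{
    struct cb_priv *priv = cb_priv;
    return priv->live ? priv->dev_id : STALE_ACCESS;
}

/* Callback after the fix: same body, reached only if cb_priv is not NULL. */
static int cb_patched(void *cb_priv)
{
    return cb_priv ? cb_unpatched(cb_priv) : -EOPNOTSUPP;
}

/* Replays the callback through the registration, as happens after unbind. */
static int playback(struct block_cb *b, int (*cb)(void *)) { return cb(b->cb_priv); }

int main(void)
{
    struct block_cb b;
    bind_block(&b, 7); unbind_unpatched(&b);
    printf("unpatched: %d\n", playback(&b, cb_unpatched));
    bind_block(&b, 7); unbind_patched(&b);
    printf("patched:   %d\n", playback(&b, cb_patched));
    return 0;
}
```

Neither half of the fix works alone: the NULL check only helps if the unbind path clears the pointer, and clearing the pointer only helps if the callback checks it.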

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with MediaTek MT798X chipsets that utilize multiple AP interfaces on the same band with WED enabled. The impact includes potential kernel panics leading to system crashes and denial of service, which could disrupt network connectivity and critical services relying on these wireless interfaces. Organizations deploying embedded Linux devices, such as routers, gateways, or IoT infrastructure using affected MediaTek chipsets, may face operational instability. While the vulnerability does not appear to allow remote code execution or privilege escalation directly, the denial of service could be exploited to disrupt network availability, impacting business continuity. In sectors like telecommunications, manufacturing, or critical infrastructure where such hardware is deployed, this could lead to significant operational downtime. Additionally, the kernel panic could complicate incident response and recovery, especially in environments with limited physical access to affected devices. Given the specificity of the vulnerability to MediaTek MT798X and WED configurations, the broader impact on general Linux server infrastructure is limited but should not be overlooked in embedded and network edge devices.

Mitigation Recommendations

To mitigate CVE-2024-44997, European organizations should:

1) Identify and inventory all Linux-based devices using MediaTek MT798X chipsets, particularly those configured with multiple AP interfaces on the same band and WED enabled.
2) Apply the official Linux kernel patches that fix the use-after-free by setting cb_priv to NULL after free and adding NULL checks in mtk_wed_setup_tc_block_cb(). If official patches are not yet available, monitor Linux kernel mailing lists and vendor advisories for updates.
3) Temporarily disable WED or reduce the number of AP interfaces operating simultaneously on the same band as a workaround to prevent triggering the vulnerability.
4) Implement robust monitoring for kernel panics and unexpected reboots on affected devices to detect exploitation attempts or instability.
5) For embedded devices, coordinate with hardware vendors or device manufacturers to obtain updated firmware incorporating the kernel fix.
6) Harden network segmentation and access controls to limit exposure of vulnerable devices to untrusted networks, reducing the risk of remote triggering.
7) Conduct thorough testing of patches in staging environments to ensure stability before deployment in production, given the critical nature of kernel-level changes.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-08-21T05:34:56.672Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9826c4522896dcbe0e2b

Added to database: 5/21/2025, 9:08:54 AM

Last enriched: 6/28/2025, 11:39:40 PM

Last updated: 8/14/2025, 3:53:10 PM
