CVE-2024-47714: Vulnerability in Linux Linux

High
Published: Mon Oct 21 2024 (10/21/2024, 11:53:46 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7996: use hweight16 to get correct tx antenna

The chainmask is u16 so using hweight8 cannot get correct tx_ant. Without this patch, the tx_ant of band 2 would be -1 and lead to the following issue:

BUG: KASAN: stack-out-of-bounds in mt7996_mcu_add_sta+0x12e0/0x16e0 [mt7996e]

AI-Powered Analysis

Last updated: 06/28/2025, 19:55:26 UTC

Technical Analysis

CVE-2024-47714 is a vulnerability in the Linux kernel's mt76 wireless driver for the mt7996 chipset. The issue arises from using the wrong hweight function to determine the transmit antenna (tx_ant) configuration. The chainmask is a 16-bit unsigned integer (u16), but it was processed with hweight8, which counts set bits in only the low 8 bits of its argument. This mismatch leads to an incorrect tx_ant value of -1 for the 5 GHz band (band 2). The incorrect tx_ant value causes a stack-out-of-bounds memory access in the function mt7996_mcu_add_sta, which is part of the mt7996e driver. Kernel Address Sanitizer (KASAN) reports this memory corruption as a stack-out-of-bounds error, indicating a potential for kernel crashes or undefined behavior. The patch replaces hweight8 with hweight16 so that the full 16-bit chainmask is counted, the correct tx_ant value is derived, and the out-of-bounds access is prevented. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The vulnerability affects specific Linux kernel versions containing the affected mt76 driver code prior to the patch date (October 21, 2024).
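The truncation described above, as an added example (not code from the kernel or from this page): user-space stand-ins for hweight8 and hweight16 applied to constructed chainmasks. The "set bits minus one" form of tx_ant, the one-nibble-per-band mask layout and MAX_TX_ANT are assumptions chosen to match the -1 result the description reports.

```c
#include <stdint.h>
#include <stdio.h>

/* User-space stand-ins for the kernel's hweight16()/hweight8() helpers. */
static unsigned int hweight16_demo(uint16_t w)
{
    unsigned int n = 0;
    for (; w; w &= (uint16_t)(w - 1))   /* clears the lowest set bit */
        n++;
    return n;
}

static unsigned int hweight8_demo(uint16_t w)
{
    return hweight16_demo((uint8_t)w);  /* upper byte is discarded */
}

/* Assumption: tx_ant is "number of set chain bits minus one". */
static int tx_ant_before(uint16_t chainmask) { return (int)hweight8_demo(chainmask) - 1; }
static int tx_ant_after(uint16_t chainmask)  { return (int)hweight16_demo(chainmask) - 1; }

/* Guard a caller can apply before using tx_ant as a table index. */
#define MAX_TX_ANT 4   /* constructed table size, not the driver's */
static int tx_ant_is_valid_index(int tx_ant)
{
    return tx_ant >= 0 && tx_ant < MAX_TX_ANT;
}

int main(void)
{
    /* Constructed masks: four chains per band, one nibble per band. */
    const uint16_t masks[] = { 0x000f, 0x00f0, 0x0f00 };
    for (unsigned int band = 0; band < 3; band++) {
        int before = tx_ant_before(masks[band]);
        int after = tx_ant_after(masks[band]);
        printf("band %u mask 0x%04x: hweight8 -> %d (%s), hweight16 -> %d (%s)\n",
               band, (unsigned int)masks[band],
               before, tx_ant_is_valid_index(before) ? "ok" : "out of range",
               after, tx_ant_is_valid_index(after) ? "ok" : "out of range");
    }
    return 0;
}
```

Only the mask whose bits sit entirely above bit 7 produces the negative index; masks in the low byte give the same result with either helper, which is why the defect shows up on one band only.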

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with the affected mt76 wireless driver and using the mt7996 chipset, which is common in some Wi-Fi 6 devices. Exploitation could lead to kernel crashes or potential privilege escalation if an attacker can trigger the stack-out-of-bounds condition, possibly leading to denial of service or further kernel-level compromise. This could disrupt critical network connectivity, especially in environments relying on Linux-based wireless infrastructure such as enterprise Wi-Fi access points, embedded devices, or IoT gateways. The impact is heightened in sectors with high dependency on stable wireless communications, including telecommunications, manufacturing, and public services. However, exploitation requires local access or the ability to interact with the wireless driver, limiting remote exploitation potential. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits post-disclosure.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernels to versions that include the patch for CVE-2024-47714. Specifically, ensure that the mt76 driver is updated to the fixed version where hweight16 is correctly used. For environments where immediate patching is not feasible, consider disabling or restricting the use of affected wireless interfaces or chipsets to reduce exposure. Network administrators should monitor for unusual kernel crashes or KASAN alerts related to mt7996e. Implement strict access controls to limit local user privileges and reduce the risk of exploitation by untrusted users. Additionally, organizations should audit their inventory to identify devices using the mt7996 chipset and assess their exposure. Employing kernel hardening techniques and enabling security modules like SELinux or AppArmor can provide additional layers of defense against exploitation attempts.

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-09-30T16:00:12.948Z
Cisa Enriched: true
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9825c4522896dcbe059c

Added to database: 5/21/2025, 9:08:53 AM

Last enriched: 6/28/2025, 7:55:26 PM

Last updated: 7/31/2025, 4:20:14 AM
