CVE-2024-46672: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's brcmfmac WiFi driver has been identified and resolved. The issue affects the handling of SSID-based PMKSA (Pairwise Master Key Security Association) deletion commands. The vulnerability was introduced when wpasupplicant 2.11 began sending SSID-based PMKSA deletion commands, but brcmfmac was not properly prepared to handle these commands, leading to NULL pointer dereference in cfg80211pmksa (NVD).

The vulnerability occurs in the brcmfmac driver's cfg80211 implementation where it attempts to dereference NULL bssid and pmkid pointers in cfg80211pmksa. The issue specifically relates to PMKIDV3 operations which support SSID-based updates. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access is required and the primary impact is on availability (NVD).

The vulnerability can lead to a NULL pointer dereference in the kernel's WiFi subsystem, potentially causing system crashes or denial of service conditions. This affects systems running Linux kernel versions from 6.4 through 6.6.48, versions from 6.7 through 6.10.7, and specific release candidates of version 6.11 (NVD).

The vulnerability has been patched in the Linux kernel. The fix involves properly handling SSID-based PMKSA deletion by adding checks for NULL pointers and implementing proper SSID copying in the PMKID_V3 operations. Users should upgrade to kernel versions 6.6.48, 6.10.7, or later to receive the fix (Kernel Patch).