CVE-2024-56663: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56663 is an off-by-one error vulnerability discovered in the Linux kernel's wifi subsystem, specifically in the nl80211 netlink attribute range validation. The vulnerability was disclosed on December 27, 2024, affecting Linux kernel versions from 5.19.2 up to 6.13-rc2. The issue occurs in the NL80211ATTRMLOLINKID attribute validation where the maximum value was incorrectly set (NVD).

The vulnerability stems from an incorrect range validation in the netlink attribute NL80211ATTRMLOLINKID. Since the netlink attribute range validation provides inclusive checking, the maximum value of the attribute should be IEEE80211MLDMAXNUMLINKS - 1, but it was incorrectly set to IEEE80211MLDMAXNUMLINKS. This off-by-one error can lead to wild memory access. The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability can result in wild memory access, potentially leading to system crashes or information leaks. A demonstration crash stack shows the issue manifesting in the ieee80211txcontrol_port function, which could affect the wireless networking functionality of the system (Kernel Patch).

The vulnerability has been fixed in multiple Linux kernel versions through patches that correct the range validation. The fix updates the policy to ensure correct validation by changing the maximum value to IEEE80211MLDMAXNUMLINKS - 1. Users are recommended to upgrade their systems to patched versions (Kernel Patch).