{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24804", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-01-27T08:39:10.280Z", "datePublished": "2026-01-27T08:40:19.319Z", "dateUpdated": "2026-01-27T17:05:12.071Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/coolsnowwolf/lede", "defaultStatus": "affected", "modules": ["package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common"], "product": "lede", "programFiles": ["bn_lib.c"], "vendor": "coolsnowwolf", "versions": [{"lessThanOrEqual": "r25.10.1", "status": "affected", "version": "0", "versionType": "git"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede (package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common modules).<p> This vulnerability is associated with program files <tt>bn_lib.C</tt>.</p><p>This issue affects lede: through r25.10.1.</p>"}], "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede (package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common modules). This vulnerability is associated with program files bn_lib.C.\n\nThis issue affects lede: through r25.10.1."}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.2, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/S:N/AU:Y/R:U/V:C/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-835", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:40:19.319Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/coolsnowwolf/lede/pull/13368"}], "source": {"discovery": "UNKNOWN"}, "title": "A infinite loop vulnerability in coolsnowwolf/lede", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T17:05:01.713303Z", "id": "CVE-2026-24804", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T17:05:12.071Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24804", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-27T17:05:01.713303Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T17:05:08.273Z"}}], "cna": {"title": "A infinite loop vulnerability in coolsnowwolf/lede", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 9.2, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/S:N/AU:Y/R:U/V:C/RE:L/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "coolsnowwolf", "modules": ["package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common"], "product": "lede", "versions": [{"status": "affected", "version": "0", "versionType": "git", "lessThanOrEqual": "r25.10.1"}], "programFiles": ["bn_lib.c"], "collectionURL": "https://github.com/coolsnowwolf/lede", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/coolsnowwolf/lede/pull/13368", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede (package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common modules). This vulnerability is associated with program files bn_lib.C.\n\nThis issue affects lede: through r25.10.1.", "supportingMedia": [{"type": "text/html", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede (package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common modules).<p> This vulnerability is associated with program files <tt>bn_lib.C</tt>.</p><p>This issue affects lede: through r25.10.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-835", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-01-27T08:40:19.319Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24804", "state": "PUBLISHED", "dateUpdated": "2026-01-27T17:05:12.071Z", "dateReserved": "2026-01-27T08:39:10.280Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-01-27T08:40:19.319Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede (package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common modules). This vulnerability is associated with program files bn_lib.C.\n\nThis issue affects lede: through r25.10.1."}, {"lang": "es", "value": "Vulnerabilidad de bucle con condici\u00f3n de salida inalcanzable ('bucle infinito') en coolsnowwolf lede (m\u00f3dulos comunes de package/lean/mt/drivers/mt7603e/src/mt7603_wifi). Esta vulnerabilidad est\u00e1 asociada con los archivos de programa bn_lib.C.\n\nEste problema afecta a lede: hasta r25.10.1."}], "id": "CVE-2026-24804", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.2, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}, "published": "2026-01-27T09:15:50.470", "references": [{"source": "cve_disclosure@tech.gov.sg", "url": "https://github.com/coolsnowwolf/lede/pull/13368"}], "sourceIdentifier": "cve_disclosure@tech.gov.sg", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T02:25:24.821484+00:00", "value": {"mitigation_remediation": ["Apply the patch provided in GitHub pull request 13368 to the mt7603e driver, ensuring the loop\u2019s exit condition is restored.", "Upgrade lede firmware to a release newer than r25.10.1, which incorporates the fix.", "Restart the wireless driver and monitor CPU usage to confirm that the loop no longer consumes resources.", "If an upgrade or patch cannot be applied immediately, disable or unload the mt7603 driver until a fix is available to prevent accidental execution."], "summary": {"action": "Update", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The issue affects the coolsnowwolf lede project. All releases up to and including r25.10.1 are impacted. The specific component affected is mt7603e driver within the mt7603_wifi common modules, located in the package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common directory. Users running those firmware versions should be aware that the nested infinite loop exists.", "description_and_impact": "The vulnerability arises from an unreachable exit condition in a loop within the mt7603 driver of the lede firmware. The flaw, categorized as CWE\u2011835, allows the loop to run indefinitely, consuming processor time and blocking normal operation. Because the loop never exits, a single instance can saturate the host, potentially causing the entire network subsystem to become unresponsive. While the description does not specify how the loop is triggered, the nature of the driver suggests that network traffic or a local configuration error could initiate the malfunction, making remote or local exploitation plausible.", "risk_and_exploitability": "The CVSS score for this flaw is 9.2, indicating a high impact. The EPSS score is reported as less than 1%, suggesting that the probability of exploitation in the wild is currently viewed as very low. The vulnerability is not listed in the CISA KEV catalog, meaning it has not yet been observed in widely deployed attacks. Nonetheless, the high severity combined with the denial\u2011of\u2011service outcome warrants timely action. Based on the description, an attacker that can influence the traffic or configuration handled by the mt7603 driver can trigger the infinite loop, leading to service disruption. The lack of an explicit exploit mention in the data means the exploit path is inferred; the attack could be carried out both locally by a privileged user and remotely via crafted wireless frames."}}}}, "created": "2026-01-27T20:16:52.229615+00:00", "updated": "2026-04-18T02:30:15.867833+00:00", "vendors": ["coolsnowwolf", "coolsnowwolf$PRODUCT$lede"]}