CVE-2024-57997

Published: Feb 27, 2025Modified: Nov 3, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: wcn36xx: fix channel survey memory allocation size KASAN reported a memory allocation issue in wcn->chan_survey due to incorrect size calculation. This commit uses kcalloc to allocate memory for wcn->chan_survey, ensuring proper initialization and preventing the use of uninitialized values when there are no frames on the channel.

Affected (4)

Products: Linux: Linux Kernel

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.18 to 6.1.129
Linux Linux Kernel	From 6.13 to 6.13.2
Linux Linux Kernel	From 6.2 to 6.6.76
Linux Linux Kernel	From 6.7 to 6.12.13

Related CWEs

Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

References (6)

https://git.kernel.org/stable/c/34cd2817708aec51ef1a6c007e0d6d5342a025d7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/6200d947f050efdba4090dfefd8a01981363d954

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/64c4dcaeac1dc1030e47883b04a617ca9a4f164e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ae68efdff7a7a42ab251cac79d8713de6f0dbaa0

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e95f9c408ff8311f75eeabc8acf34a66670d8815

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.