CVE-2024-57997

MEDIUM EPSS 10.4%
Published Feb 27, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 27, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: wcn36xx: fix channel survey memory allocation size KASAN reported a memory allocation issue in wcn->chan_survey due to incorrect size calculation. This commit uses kcalloc to allocate memory for wcn->chan_survey, ensuring proper initialization and preventing the use of uninitialized values when there are no frames on the channel.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
10.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-908

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel*≥5.18  –  <6.1.129
linuxlinux_kernel*≥6.2  –  <6.6.76
linuxlinux_kernel*≥6.7  –  <6.12.13
linuxlinux_kernel*≥6.13  –  <6.13.2

References 6

  • git.kernel.org https://git.kernel.org/stable/c/34cd2817708aec51ef1a6c007e0d6d5342a025d7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6200d947f050efdba4090dfefd8a01981363d954
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/64c4dcaeac1dc1030e47883b04a617ca9a4f164e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae68efdff7a7a42ab251cac79d8713de6f0dbaa0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e95f9c408ff8311f75eeabc8acf34a66670d8815
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/34cd2817708aec51ef1a6c007e0d6d5342a025d7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6200d947f050efdba4090dfefd8a01981363d954
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/64c4dcaeac1dc1030e47883b04a617ca9a4f164e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae68efdff7a7a42ab251cac79d8713de6f0dbaa0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e95f9c408ff8311f75eeabc8acf34a66670d8815
    Patch