CVE-2024-58063

MEDIUM · CVSS 3.1: 5.5 · EPSS 8.5%
Published Mar 6, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtlwifi: fix memory leaks and invalid access at probe error path

Deinitialize at reverse order when probe fails.

When init_sw_vars fails, rtl_deinit_core should not be called, specially now that it destroys the rtl_wq workqueue.

And call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be leaked.

Remove pci_set_drvdata call as it will already be cleaned up by the core driver code and could lead to memory leaks too. cf. commit 8d450935ae7f ("wireless: rtlwifi: remove unnecessary pci_set_drvdata()") and commit 3d86b93064c7 ("rtlwifi: Fix PCI probe error path orphaned memory").

CVSS Details

Base Score 5.5
Exploitability 1.8
Impact 3.6
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 7

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥2.6.38 – <5.4.291
linux   linux_kernel  *        ≥5.5 – <5.10.235
linux   linux_kernel  *        ≥5.11 – <5.15.179
linux   linux_kernel  *        ≥5.16 – <6.1.129
linux   linux_kernel  *        ≥6.2 – <6.6.76
linux   linux_kernel  *        ≥6.7 – <6.12.13
linux   linux_kernel  *        ≥6.13 – <6.13.2

References 11

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-265688.html
  • git.kernel.org https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47
    Patch