CVE-2024-38575
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
19/06/2024
Last modified:
31/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
wifi: brcmfmac: pcie: handle randbuf allocation failure<br />
<br />
The kzalloc() in brcmf_pcie_download_fw_nvram() will return null<br />
if the physical memory has run out. As a result, if we use<br />
get_random_bytes() to generate random bytes in the randbuf, the<br />
null pointer dereference bug will happen.<br />
<br />
In order to prevent allocation failure, this patch adds a separate<br />
function using buffer on kernel stack to generate random bytes in<br />
the randbuf, which could prevent the kernel stack from overflow.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.1.30 (including) | 6.1.93 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.3.4 (including) | 6.6.33 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.12 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.9 (including) | 6.9.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49
- https://git.kernel.org/stable/c/316f790ebcf94bdf59f794b7cdea4068dc676d4c
- https://git.kernel.org/stable/c/3729ca9e48d19a03ae049e2bde510e161c2f3720
- https://git.kernel.org/stable/c/7c15eb344b0d4d3468c9b2a7591ad2b859b29b88
- https://git.kernel.org/stable/c/c37466406f075476c2702ecc01917928af871f3b
- https://git.kernel.org/stable/c/0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49
- https://git.kernel.org/stable/c/316f790ebcf94bdf59f794b7cdea4068dc676d4c
- https://git.kernel.org/stable/c/3729ca9e48d19a03ae049e2bde510e161c2f3720
- https://git.kernel.org/stable/c/7c15eb344b0d4d3468c9b2a7591ad2b859b29b88
- https://git.kernel.org/stable/c/c37466406f075476c2702ecc01917928af871f3b