5.5
CVE-2024-27048
- EPSS 0.27%
- Veröffentlicht 01.05.2024 13:15:49
- Zuletzt bearbeitet 23.12.2024 19:05:50
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
wifi: brcm80211: handle pmk_op allocation failure
In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmk_op allocation failure The kzalloc() in brcmf_pmksa_v3_op() will return null if the physical memory has run out. As a result, if we dereference the null value, the null pointer dereference bug will happen. Return -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails for pmk_op.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.4 < 6.6.23
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.11
Linux ≫ Linux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.189 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5
https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e
https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42
https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f