5.5
CVE-2024-58063
- EPSS 0.19%
- Veröffentlicht 06.03.2025 16:15:52
- Zuletzt bearbeitet 12.05.2026 13:16:27
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
wifi: rtlwifi: fix memory leaks and invalid access at probe error path
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtlwifi: fix memory leaks and invalid access at probe error path
Deinitialize at reverse order when probe fails.
When init_sw_vars fails, rtl_deinit_core should not be called, specially
now that it destroys the rtl_wq workqueue.
And call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be
leaked.
Remove pci_set_drvdata call as it will already be cleaned up by the core
driver code and could lead to memory leaks too. cf. commit 8d450935ae7f
("wireless: rtlwifi: remove unnecessary pci_set_drvdata()") and
commit 3d86b93064c7 ("rtlwifi: Fix PCI probe error path orphaned memory").Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.38 < 5.4.291
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.235
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.179
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.129
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.76
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.13
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.09 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47
https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4
https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013
https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb
https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06
https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a
https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df
https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html