CVE-2024-57997
MEDIUMLinux Kernel 5.18-6.1.128 6.2-6.6.75 6.7-6.12.12 6.13.0-6.13.1 - Use of Uninitialized Resource in wcn36xx Channel Survey
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: wifi: wcn36xx: fix channel survey memory allocation size KASAN reported a memory allocation issue in wcn->chan_survey due to incorrect size calculation. This commit uses kcalloc to allocate memory for wcn->chan_survey, ensuring proper initialization and preventing the use of uninitialized values when there are no frames on the channel.
References (6)
Core 6
Core References
Scores
CVSS v3
5.5
EPSS
0.0020
EPSS Percentile
10.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-908
Status
published
Products (17)
linux/Kernel
5.18.0 - 6.1.129linux
linux/Kernel
6.13.0 - 6.13.2linux
linux/Kernel
6.2.0 - 6.6.76linux
linux/Kernel
6.7.0 - 6.12.13linux
Linux/Linux
< 5.18
Linux/Linux
29696e0aa413b9d56558731aae3806d7cff48d36 - 34cd2817708aec51ef1a6c007e0d6d5342a025d7
Linux/Linux
29696e0aa413b9d56558731aae3806d7cff48d36 - 6200d947f050efdba4090dfefd8a01981363d954
Linux/Linux
29696e0aa413b9d56558731aae3806d7cff48d36 - 64c4dcaeac1dc1030e47883b04a617ca9a4f164e
Linux/Linux
29696e0aa413b9d56558731aae3806d7cff48d36 - ae68efdff7a7a42ab251cac79d8713de6f0dbaa0
Linux/Linux
29696e0aa413b9d56558731aae3806d7cff48d36 - e95f9c408ff8311f75eeabc8acf34a66670d8815
... and 7 more
Published
Feb 27, 2025
Tracked Since
Feb 18, 2026