What is the severity of CVE-2024-56593?

CVE-2024-56593 is categorized as a moderate severity issue due to the potential for a NULL pointer dereference in the Linux kernel's brcmfmac component.

How do I fix CVE-2024-56593?

To fix CVE-2024-56593, you should upgrade your Linux kernel to a version that includes the patch addressing this vulnerability.

What affected versions are vulnerable to CVE-2024-56593?

CVE-2024-56593 affects Linux kernel versions prior to 5.4.287, between 5.5 and 5.10.231, between 5.11 and 5.15.174, between 5.16 and 6.1.120, between 6.2 and 6.6.66, and between 6.7 and 6.12.5.

What component of the Linux kernel is affected by CVE-2024-56593?

The vulnerability CVE-2024-56593 specifically affects the brcmfmac component of the Linux kernel.

When was CVE-2024-56593 disclosed?

CVE-2024-56593 was disclosed as part of a series of patches meant to address various issues in the Linux kernel.

Vulnerability/
CVE-2024-56593

medium

5.5

CWE

476

27/12/2024

20/1/2025

CVE-2024-56593: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()

First published: Fri Dec 27 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sd_sgentry_align' value applies (e.g. 512) and a lot of queued SKBs are sent from the pkt queue. The problem is the number of entries in the pre-allocated sgtable, it is nents = max(rxglom_size, txglom_size) + max(rxglom_size, txglom_size) >> 4 + 1. Given the default [rt]xglom_size=32 it's actually 35 which is too small. Worst case, the pkt queue can end up with 64 SKBs. This occurs when a new SKB is added for each original SKB if tailroom isn't enough to hold tail_pad. At least one sg entry is needed for each SKB. So, eventually the "skb_queue_walk loop" in brcmf_sdiod_sglist_rw may run out of sg entries. This makes sg_next return NULL and this causes the oops. The patch sets nents to max(rxglom_size, txglom_size) * 2 to be able handle the worst-case. Btw. this requires only 64-35=29 * 16 (or 20 if CONFIG_NEED_SG_DMA_LENGTH) = 464 additional bytes of memory.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	<5.4.287
Linux Kernel	>=5.5<5.10.231
Linux Kernel	>=5.11<5.15.174
Linux Kernel	>=5.16<6.1.120
Linux Kernel	>=6.2<6.6.66
Linux Kernel	>=6.7<6.12.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-56593?
CVE-2024-56593 is categorized as a moderate severity issue due to the potential for a NULL pointer dereference in the Linux kernel's brcmfmac component.
How do I fix CVE-2024-56593?
To fix CVE-2024-56593, you should upgrade your Linux kernel to a version that includes the patch addressing this vulnerability.
What affected versions are vulnerable to CVE-2024-56593?
CVE-2024-56593 affects Linux kernel versions prior to 5.4.287, between 5.5 and 5.10.231, between 5.11 and 5.15.174, between 5.16 and 6.1.120, between 6.2 and 6.6.66, and between 6.7 and 6.12.5.
What component of the Linux kernel is affected by CVE-2024-56593?
The vulnerability CVE-2024-56593 specifically affects the brcmfmac component of the Linux kernel.
When was CVE-2024-56593 disclosed?
CVE-2024-56593 was disclosed as part of a series of patches meant to address various issues in the Linux kernel.

agent/title
agent/references
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
agent/severity
agent/remedy
agent/softwarecombine
agent/source
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/6.2
version/linux kernel/6.7

Frequently Asked Questions

What is the severity of CVE-2024-56593?
CVE-2024-56593 is categorized as a moderate severity issue due to the potential for a NULL pointer dereference in the Linux kernel's brcmfmac component.
How do I fix CVE-2024-56593?
To fix CVE-2024-56593, you should upgrade your Linux kernel to a version that includes the patch addressing this vulnerability.
What affected versions are vulnerable to CVE-2024-56593?
CVE-2024-56593 affects Linux kernel versions prior to 5.4.287, between 5.5 and 5.10.231, between 5.11 and 5.15.174, between 5.16 and 6.1.120, between 6.2 and 6.6.66, and between 6.7 and 6.12.5.
What component of the Linux kernel is affected by CVE-2024-56593?
The vulnerability CVE-2024-56593 specifically affects the brcmfmac component of the Linux kernel.
When was CVE-2024-56593 disclosed?
CVE-2024-56593 was disclosed as part of a series of patches meant to address various issues in the Linux kernel.

CVE-2024-56593: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-56593?

How do I fix CVE-2024-56593?

What affected versions are vulnerable to CVE-2024-56593?

What component of the Linux kernel is affected by CVE-2024-56593?

When was CVE-2024-56593 disclosed?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-56593?

How do I fix CVE-2024-56593?

What affected versions are vulnerable to CVE-2024-56593?

What component of the Linux kernel is affected by CVE-2024-56593?

When was CVE-2024-56593 disclosed?