medium
5.5
CWE
908
Advisory Published
Updated

CVE-2024-57997: wifi: wcn36xx: fix channel survey memory allocation size

First published: Thu Feb 27 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: wifi: wcn36xx: fix channel survey memory allocation size KASAN reported a memory allocation issue in wcn->chan_survey due to incorrect size calculation. This commit uses kcalloc to allocate memory for wcn->chan_survey, ensuring proper initialization and preventing the use of uninitialized values when there are no frames on the channel.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel>=5.18<6.1.129
Linux Kernel>=6.2<6.6.76
Linux Kernel>=6.7<6.12.13
Linux Kernel>=6.13<6.13.2

Remedy

https://git.kernel.org/stable/c/34cd2817708aec51ef1a6c007e0d6d5342a025d7

Remedy

https://git.kernel.org/stable/c/6200d947f050efdba4090dfefd8a01981363d954

Remedy

https://git.kernel.org/stable/c/64c4dcaeac1dc1030e47883b04a617ca9a4f164e

Remedy

https://git.kernel.org/stable/c/ae68efdff7a7a42ab251cac79d8713de6f0dbaa0

Remedy

https://git.kernel.org/stable/c/e95f9c408ff8311f75eeabc8acf34a66670d8815

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-57997?

    CVE-2024-57997 has been identified as a memory allocation vulnerability in the Linux kernel affecting the wcn36xx Wi-Fi driver.

  • What systems are affected by CVE-2024-57997?

    CVE-2024-57997 affects specific versions of the Linux kernel ranging from 5.18 to 6.12.13, including multiple sub-versions.

  • How do I fix CVE-2024-57997?

    To fix CVE-2024-57997, you should upgrade to the latest version of the Linux kernel that addresses this vulnerability.

  • What type of issue does CVE-2024-57997 represent?

    CVE-2024-57997 represents a memory allocation issue due to incorrect size calculation in the wcn36xx driver.

  • Is CVE-2024-57997 a critical vulnerability?

    While the specific severity rating may vary, CVE-2024-57997 is important to address due to its implications for memory management and system stability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203