CVE-2024-49857

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: set the cipher for secured NDP ranging The cipher pointer is not set, but is derefereced trying to set its content, which leads to a NULL pointer dereference. Fix it by pointing to the cipher parameter before dereferencing.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

22 Oct 2024, 15:48

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
References () https://git.kernel.org/stable/c/a949075d4bbf1ca83ccdeaa6ef4ac2ce7526c5f4 - () https://git.kernel.org/stable/c/a949075d4bbf1ca83ccdeaa6ef4ac2ce7526c5f4 - Patch
References () https://git.kernel.org/stable/c/b3322a6d6aa9bc17b395c4b38d3b97578887aa8a - () https://git.kernel.org/stable/c/b3322a6d6aa9bc17b395c4b38d3b97578887aa8a - Patch
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: mvm: establece el cifrado para el rango NDP seguro El puntero de cifrado no está establecido, pero se anula la referencia al intentar establecer su contenido, lo que genera una anulación de la referencia del puntero NULL. Solucione el problema apuntando al parámetro de cifrado antes de anular la referencia.
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-476
First Time Linux linux Kernel
Linux

21 Oct 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 13:15

Updated : 2024-10-22 15:48


NVD link : CVE-2024-49857

Mitre link : CVE-2024-49857

CVE.ORG link : CVE-2024-49857


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference