fkie_cve-2024-58072
Vulnerability from fkie_nvd
Published
2025-03-06 16:15
Modified
2025-03-13 13:15
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Update header file") introduced a global list of private data structures. Later on, commit 26634c4b1868 ("rtlwifi Modify existing bits to match vendor version 2013.02.07") started adding the private data to that list at probe time and added a hook, check_buddy_priv to find the private data from a similar device. However, that function was never used. Besides, though there is a lock for that list, it is never used. And when the probe fails, the private data is never removed from the list. This would cause a second probe to access freed memory. Remove the unused hook, structures and members, which will prevent the potential race condition on the list and its corruption during a second probe when probe fails.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/006e803af7408c3fc815b0654fc5ab43d34f0154
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1b9cbd8a9ae68b32099fbb03b2d5ffa0c5e0dcc9
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1e39b0486cdb496cdfba3bc89886150e46acf6f4
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2fdac64c3c35858aa8ac5caa70b232e03456e120
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/465d01ef6962b82b1f0ad1f3e58b398dbd35c1c1
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/543e3e9f2e9e47ded774c74e680f28a0ca362aee
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8e2fcc68fbaab3ad9f5671fee2be0956134b740a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f801e754efa21bd61b3cc15ec7565696165b272f
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: rtlwifi: eliminar check_buddy_priv no utilizado el commit 2461c7d60f9f (\"rtlwifi: Actualizar archivo de encabezado\") introdujo una lista global de estructuras de datos privados. M\u00e1s tarde, el commit 26634c4b1868 (\"rtlwifi Modificar bits existentes para que coincidan con la versi\u00f3n del proveedor 2013.02.07\") comenz\u00f3 a agregar los datos privados a esa lista en el momento del sondeo y agreg\u00f3 un gancho, check_buddy_priv para encontrar los datos privados de un dispositivo similar. Sin embargo, esa funci\u00f3n nunca se us\u00f3. Adem\u00e1s, aunque hay un bloqueo para esa lista, nunca se usa. Y cuando el sondeo falla, los datos privados nunca se eliminan de la lista. Esto har\u00eda que un segundo sondeo acceda a la memoria liberada. Elimine el gancho, las estructuras y los miembros no utilizados, lo que evitar\u00e1 la posible condici\u00f3n de ejecuci\u00f3n en la lista y su corrupci\u00f3n durante un segundo sondeo cuando el sondeo falla."
    }
  ],
  "id": "CVE-2024-58072",
  "lastModified": "2025-03-13T13:15:45.920",
  "metrics": {},
  "published": "2025-03-06T16:15:53.703",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/006e803af7408c3fc815b0654fc5ab43d34f0154"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1b9cbd8a9ae68b32099fbb03b2d5ffa0c5e0dcc9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1e39b0486cdb496cdfba3bc89886150e46acf6f4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2fdac64c3c35858aa8ac5caa70b232e03456e120"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/465d01ef6962b82b1f0ad1f3e58b398dbd35c1c1"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/543e3e9f2e9e47ded774c74e680f28a0ca362aee"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8e2fcc68fbaab3ad9f5671fee2be0956134b740a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/f801e754efa21bd61b3cc15ec7565696165b272f"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.