wifi: iwlwifi: mvm: set the cipher for secured NDP ranging
CVE-2024-49857

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 21 October 2024

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: set the cipher for secured NDP ranging

The cipher pointer is not set, but is derefereced trying to set its content, which leads to a NULL pointer dereference. Fix it by pointing to the cipher parameter before dereferencing.

Affected Version(s)

Linux 626be4bf99f6250cd66da5d311a72ad7455c5a64

Linux 6.11

References

https://git.kernel.org/stable/c/b3322a6d6aa9bc17b395c4b38...

https://git.kernel.org/stable/c/a949075d4bbf1ca83ccdeaa6e...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 21, 2024