CVE-2024-57997
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-57997 is a recently identified vulnerability in the Linux kernel's wcn36xx driver. The Kernel Address Sanitizer (KASAN) reported the issue: the memory allocated for wcn->chan_survey had an incorrectly calculated size, which could lead to memory corruption. The fix allocates wcn->chan_survey with the kcalloc function. This ensures proper initialization and prevents the use of uninitialized values, particularly when there are no frames on the channel.
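The following userspace C model is an added illustration of the bug class and of a kcalloc-style allocation; it is not the driver's code or the upstream patch. The struct layout, the function names, the channel count and the specific form of the size error (element count used as the byte size) are assumptions, since the page does not show the original line.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical per-channel record; the driver's real struct is not shown on the page. */
struct chan_survey {
    int8_t   rssi;
    uint8_t  snr;
    uint32_t frames;   /* stays 0 when no frames were seen on the channel */
};

/* Bug class (assumed form): the element count is used as the byte size. */
static size_t undersized_bytes(size_t n_channels)
{
    return n_channels;
}

/* Bytes actually needed for n_channels records. */
static size_t required_bytes(size_t n_channels)
{
    return n_channels * sizeof(struct chan_survey);
}

/* kcalloc-like allocation: overflow-checked n * size, zero-filled, NULL on failure. */
static struct chan_survey *survey_alloc(size_t n_channels)
{
    if (n_channels != 0 && sizeof(struct chan_survey) > SIZE_MAX / n_channels)
        return NULL;
    return calloc(n_channels, sizeof(struct chan_survey));
}

/* Reader that touches every record, including channels never updated. */
static uint64_t survey_total_frames(const struct chan_survey *s, size_t n_channels)
{
    uint64_t total = 0;
    for (size_t i = 0; i < n_channels; i++)
        total += s[i].frames;
    return total;
}

int main(void)
{
    size_t n = 14; /* constructed channel count */
    struct chan_survey *s = survey_alloc(n);
    if (!s)
        return 1;
    printf("undersized=%zu required=%zu total=%llu\n", undersized_bytes(n),
           required_bytes(n), (unsigned long long)survey_total_frames(s, n));
    free(s);
    return 0;
}
```

With the undersized buffer, the same reader loop would walk past the end of the allocation, which is the kind of access KASAN flags; with the zero-filled table, channels that were never updated read back as 0 instead of stale heap contents.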