Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-57992— wifi: wilc1000: unregister wiphy only if it has been registered

EPSS 0.10% · P28
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-57992

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
wifi: wilc1000: unregister wiphy only if it has been registered
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: unregister wiphy only if it has been registered There is a specific error path in probe functions in wilc drivers (both sdio and spi) which can lead to kernel panic, as this one for example when using SPI: Unable to handle kernel paging request at virtual address 9f000000 when read [9f000000] *pgd=00000000 Internal error: Oops: 5 [#1] ARM Modules linked in: wilc1000_spi(+) crc_itu_t crc7 wilc1000 cfg80211 bluetooth ecdh_generic ecc CPU: 0 UID: 0 PID: 106 Comm: modprobe Not tainted 6.13.0-rc3+ #22 Hardware name: Atmel SAMA5 PC is at wiphy_unregister+0x244/0xc40 [cfg80211] LR is at wiphy_unregister+0x1c0/0xc40 [cfg80211] [...] wiphy_unregister [cfg80211] from wilc_netdev_cleanup+0x380/0x494 [wilc1000] wilc_netdev_cleanup [wilc1000] from wilc_bus_probe+0x360/0x834 [wilc1000_spi] wilc_bus_probe [wilc1000_spi] from spi_probe+0x15c/0x1d4 spi_probe from really_probe+0x270/0xb2c really_probe from __driver_probe_device+0x1dc/0x4e8 __driver_probe_device from driver_probe_device+0x5c/0x140 driver_probe_device from __driver_attach+0x220/0x540 __driver_attach from bus_for_each_dev+0x13c/0x1a8 bus_for_each_dev from bus_add_driver+0x2a0/0x6a4 bus_add_driver from driver_register+0x27c/0x51c driver_register from do_one_initcall+0xf8/0x564 do_one_initcall from do_init_module+0x2e4/0x82c do_init_module from load_module+0x59a0/0x70c4 load_module from init_module_from_file+0x100/0x148 init_module_from_file from sys_finit_module+0x2fc/0x924 sys_finit_module from ret_fast_syscall+0x0/0x1c The issue can easily be reproduced, for example by not wiring correctly a wilc device through SPI (and so, make it unresponsive to early SPI commands). It is due to a recent change decoupling wiphy allocation from wiphy registration, however wilc_netdev_cleanup has not been updated accordingly, letting it possibly call wiphy unregister on a wiphy which has never been registered. Fix this crash by moving wiphy_unregister/wiphy_free out of wilc_netdev_cleanup, and by adjusting error paths in both drivers
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于wifi: wilc1000模块在未注册wiphy时尝试取消注册。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux fbdf0c5248dce4b55181e9aff8f1b61819ba6bd7 ~ c7115b8229f3e6cdfae43b1cdd180f5b6c67cd70 -
LinuxLinux 6.13 -

II. Public POCs for CVE-2024-57992

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-57992

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-02-27 · 177 CVEs total

CVE-2025-217567.8 HIGHvsock: Keep the binding until socket destruction
CVE-2025-21773can: etas_es58x: fix potential NULL pointer dereference on udev->serial
CVE-2025-21763neighbour: use RCU protection in __neigh_notify()
CVE-2025-21762arp: use RCU protection in arp_xmit()
CVE-2025-21764ndisc: use RCU protection in ndisc_alloc_skb()
CVE-2025-21765ipv6: use RCU protection in ip6_default_advmss()
CVE-2025-21766ipv4: use RCU protection in __ip_rt_update_pmtu()
CVE-2025-21767clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context
CVE-2025-21769ptp: vmclock: Add .owner to vmclock_miscdev_fops
CVE-2025-21768net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
CVE-2025-21771sched_ext: Fix incorrect autogroup migration detection
CVE-2025-21770iommu: Fix potential memory leak in iopf_queue_remove_device()
CVE-2025-21777ring-buffer: Validate the persistent meta data subbuf array
CVE-2025-21783gpiolib: Fix crash on error in gpiochip_get_ngpios()
CVE-2025-21781batman-adv: fix panic during interface removal
CVE-2025-21780drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()
CVE-2025-21779KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel
CVE-2025-21778tracing: Do not allow mmap() of persistent ring buffer
CVE-2025-21774can: rockchip: rkcanfd_handle_rx_fifo_overflow_int(): bail out if skb cannot be allocated
CVE-2025-21772partitions: mac: fix handling of bogus partition table

Showing top 20 of 177 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2024-57992

No comments yet

Leave a comment