5.17.1

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-401

NVD

Published: 2025-02-26

Updated: 2025-03-18

Summary

In the Linux kernel, the following vulnerability has been resolved: rtw88: fix memory overrun and memory leak during hw_scan Previously we allocated less memory than actual required, overwrite to the buffer causes the mm module to complaint and raise access violation faults. Along with potential memory leaks when returned early. Fix these by passing the correct size and proper deinit flow.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.17 Linux Linux Kernel 5.17.1	10

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

https://git.kernel.org/stable/c/d95984b5580dcb8b1c0036577c52b609990a1dab
https://git.kernel.org/stable/c/ec5da191bfcd5fd22b95459b623694f66c1cc10b