CVE-2024-49857

medium

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: set the cipher for secured NDP ranging The cipher pointer is not set, but is derefereced trying to set its content, which leads to a NULL pointer dereference. Fix it by pointing to the cipher parameter before dereferencing.

References

https://git.kernel.org/stable/c/b3322a6d6aa9bc17b395c4b38d3b97578887aa8a

https://git.kernel.org/stable/c/a949075d4bbf1ca83ccdeaa6ef4ac2ce7526c5f4

Details

Source: Mitre, NVD

Published: 2024-10-21

Updated: 2024-10-22

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H