Executive Summary

Informations
Name CVE-2024-46672 First vendor Publication 2024-09-11
Vendor Cve Last vendor Modification 2024-09-13

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 5.5
Base Score 5.5 Environmental Score 5.5
impact SubScore 3.6 Temporal Score 5.5
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion

wpa_supplicant 2.11 sends since 1efdba5fdc2c ("Handle PMKSA flush in the driver for SAE/OWE offload cases") SSID based PMKSA del commands. brcmfmac is not prepared and tries to dereference the NULL bssid and pmkid pointers in cfg80211_pmksa. PMKID_V3 operations support SSID based updates so copy the SSID.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46672

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-476 NULL Pointer Dereference

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Os 3602

Sources (Detail)

https://git.kernel.org/stable/c/1f566eb912d192c83475a919331aea59619e1197
https://git.kernel.org/stable/c/2ad4e1ada8eebafa2d75a4b75eeeca882de6ada1
https://git.kernel.org/stable/c/4291f94f8c6b01505132c22ee27b59ed27c3584f
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2024-10-03 02:53:40
  • Multiple Updates
2024-10-02 02:52:04
  • Multiple Updates
2024-09-14 21:29:44
  • Multiple Updates
2024-09-13 21:27:42
  • Multiple Updates
2024-09-11 21:27:23
  • First insertion