Bug 1226743 (CVE-2024-38563)

Summary:	VUL-0: CVE-2024-38563: kernel: wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature
Product:	[Novell Products] SUSE Security Incidents	Reporter:	SMASH SMASH <smash_bz>
Component:	Incidents	Assignee:	Security Team bot <security-team>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P3 - Medium	CC:	carlos.lopez, gabriel.bertazi
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
URL:	https://smash.suse.de/issue/411394/
Whiteboard:	CVSSv3.1:SUSE:CVE-2024-38563:4.7:(AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By:	Security Response Team	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description SMASH SMASH 2024-06-21 11:18:41 UTC

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature

Without this commit, reading chip temperature will cause memory leakage.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-38563
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-38563.mbox
https://git.kernel.org/stable/c/84e81f9b4818b8efe89beb12a246d5d510631939
https://git.kernel.org/stable/c/ef46dbb93fc9279fb7de883aac22abffe214e6b5
https://git.kernel.org/stable/c/474b9412f33be87076b40a49756662594598a85e
https://www.cve.org/CVERecord?id=CVE-2024-38563
https://bugzilla.redhat.com/show_bug.cgi?id=2293430

Comment 2 Andrea Mattiazzo 2024-06-24 13:52:30 UTC

All done, closing.