Linux Kernel Channel Survey Memory Allocation Vulnerability in wcn36xx WiFi Driver

Vulnerability

A vulnerability has been identified in the Linux kernel's WiFi wcn36xx driver, related to improper memory allocation for channel survey data. The issue arises from an incorrect calculation of the required memory size, leading to the potential use of uninitialized values when no frames are present on the channel. This vulnerability has been addressed by modifying the memory allocation method to ensure proper initialization.

Impact

Exploitation of this vulnerability could lead to memory management issues, specifically the use of uninitialized memory, which can cause undefined behavior in the kernel.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Channel Survey Memory Allocation Vulnerability in wcn36xx WiFi Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating