Main Vulnerability Database SB20241230173

SB20241230173 - NULL pointer dereference in Linux kernel st cw1200 driver

Published: December 30, 2024 Updated: May 11, 2025

Security Bulletin ID SB20241230173

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2024-56536)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cw1200_spi_suspend() function in drivers/net/wireless/st/cw1200/cw1200_spi.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/0ec90ac5f7bd9dd573bd5d964cbdc3beaa93a33e
https://git.kernel.org/stable/c/2b94751626a6d49bbe42a19cc1503bd391016bd5
https://git.kernel.org/stable/c/67c914f2d64b28409796a6b9036c131e93f8af6c
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.2