SB20250227129 - Input validation error in Linux kernel brcm80211 brcmfmac driver
Published: February 27, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250227129
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-21750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the brcmf_of_probe() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/of.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/082d9e263af8de68f0c34f67b251818205160f6e
- https://git.kernel.org/stable/c/7ef2ea1429684d5cef207519bdf6ce45e50e8ac5
- https://git.kernel.org/stable/c/af525a8b2ab85291617e79a5bb18bcdcb529e80c
- https://git.kernel.org/stable/c/bb8e35e33e79eb8e44396adbc8cb6c8c5f16b731
- https://git.kernel.org/stable/c/c9480e9f2d10135476101619bcbd1c49c15d595f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.78