AZL-51419

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51419.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-51419

Upstream

CVE-2024-49929

Published

2024-10-21T18:15:14Z

Modified

2026-04-01T05:20:45.124615Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-49929 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: avoid NULL pointer dereference

iwlmvmtxskbsta() and iwlmvmtxmpdu() verify that the mvmvsta pointer is not NULL. It retrieves this pointer using iwlmvmstafrommac80211, which is dereferencing the ieee80211sta pointer. If sta is NULL, iwlmvmstafrommac80211 will dereference a NULL pointer. Fix this by checking the sta pointer before retrieving the mvmsta from it. If sta is not NULL, then mvmsta isn't either.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-49929

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51419.json"