AZL-53986

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-53986.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-53986
Upstream
Published
2024-11-19T18:15:25Z
Modified
2026-04-01T05:16:37.401342Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
CVE-2024-53059 affecting package kernel for versions less than 5.15.173.1-1
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: Fix response handling in iwlmvmsendrecoverycmd()

  1. The size of the response packet is not validated.
  2. The response buffer is not freed.

Resolve these issues by switching to iwlmvmsendcmdstatus(), which handles both size validation and frees the buffer.

References

Affected packages

Azure Linux:2 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.173.1-1

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-53986.json"