CVE-2024-58063
- Source
- https://cve.org/CVERecord?id=CVE-2024-58063
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58063.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-58063
- Downstream
- Related
- Published
- 2025-03-06T15:54:05.258Z
- Modified
- 2026-03-20T12:39:58.515935Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtlwifi: fix memory leaks and invalid access at probe error path
Deinitialize at reverse order when probe fails.
When initswvars fails, rtldeinitcore should not be called, specially now that it destroys the rtl_wq workqueue.
And call rtlpcideinit and deinitswvars, otherwise, memory will be leaked.
Remove pcisetdrvdata call as it will already be cleaned up by the core driver code and could lead to memory leaks too. cf. commit 8d450935ae7f ("wireless: rtlwifi: remove unnecessary pcisetdrvdata()") and commit 3d86b93064c7 ("rtlwifi: Fix PCI probe error path orphaned memory").
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58063.json" }- References
-
- https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013
- https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a
- https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4
- https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb
- https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df
- https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7
- https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06
- https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58063.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-58063
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0c8173385e549f95cd80c3fff5aab87b4f881d8dFixed85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559dfFixed455e0f40b5352186a9095f2135d5c89255e7c39aFixedb96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7Fixedee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47Fixed624cea89a0865a2bc3e00182a6b0f954a94328b4Fixed32acebca0a51f5e372536bfdc0d7d332ab749013Fixed6b76bab5c257463302c9e97f5d84d524457468ebFixede7ceefbfd8d447abc8aca8ab993a942803522c06