{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-27048", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.213Z", "datePublished": "2024-05-01T12:54:28.644Z", "dateUpdated": "2026-05-11T20:09:23.798Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:09:23.798Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: handle pmk_op allocation failure\n\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\n\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c"], "versions": [{"version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "df62e22c2e27420e8990a4f09e30d7bf56c2036f", "status": "affected", "versionType": "git"}, {"version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "9975908315c13bae2f2ed5ba92870fa935180b0e", "status": "affected", "versionType": "git"}, {"version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "6138a82f3bccfc67ed7ac059493579fc326c02e5", "status": "affected", "versionType": "git"}, {"version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "b4152222e04cb8afeeca239c90e3fcaf4c553b42", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c"], "versions": [{"version": "6.4", "status": "affected"}, {"version": "0", "lessThan": "6.4", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f"}, {"url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e"}, {"url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5"}, {"url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42"}], "title": "wifi: brcm80211: handle pmk_op allocation failure", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.939Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27048", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:44:11.458493Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:31.986Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.939Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27048", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:44:11.458493Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:17.184Z"}}], "cna": {"title": "wifi: brcm80211: handle pmk_op allocation failure", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "df62e22c2e27420e8990a4f09e30d7bf56c2036f", "versionType": "git"}, {"status": "affected", "version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "9975908315c13bae2f2ed5ba92870fa935180b0e", "versionType": "git"}, {"status": "affected", "version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "6138a82f3bccfc67ed7ac059493579fc326c02e5", "versionType": "git"}, {"status": "affected", "version": "a96202acaea47fa8377088e0952bb63bd02a3bab", "lessThan": "b4152222e04cb8afeeca239c90e3fcaf4c553b42", "versionType": "git"}], "programFiles": ["drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.4"}, {"status": "unaffected", "version": "0", "lessThan": "6.4", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f"}, {"url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e"}, {"url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5"}, {"url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: handle pmk_op allocation failure\n\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\n\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "6.4"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:09:23.798Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27048", "state": "PUBLISHED", "dateUpdated": "2026-05-11T20:09:23.798Z", "dateReserved": "2024-02-19T14:20:24.213Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-01T12:54:28.644Z", "assignerShortName": "Linux"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "81341948-503D-47E5-9E88-7F2922865141", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: handle pmk_op allocation failure\n\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\n\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: brcm80211: maneja el error de asignaci\u00f3n de pmk_op El kzalloc() en brcmf_pmksa_v3_op() devolver\u00e1 nulo si la memoria f\u00edsica se ha agotado. Como resultado, si eliminamos la referencia del valor nulo, se producir\u00e1 el error de desreferencia del puntero nulo. Devuelve -ENOMEM de brcmf_pmksa_v3_op() si kzalloc() falla para pmk_op."}], "id": "CVE-2024-27048", "lastModified": "2024-12-23T19:05:50.830", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-01T13:15:49.977", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:3627", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3618", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.5.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2025:3935", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "kernel-0:5.14.0-427.65.1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-04-16T00:00:00Z"}], "bugzilla": {"description": "kernel: wifi: brcm80211: handle pmk_op allocation failure", "id": "2278431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278431"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: brcm80211: handle pmk_op allocation failure\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op.", "A vulnerability was found in the Linux kernel's Wi-Fi cfg80211.c driver, where a lack of proper checks can result in a NULL pointer dereference. This issue occurs when the brcmf_pmksa_v3_op() function attempts to call malloc (), but the physical memory has run out. In this situation, kzalloc() will return NULL, which the function does not check before using it in the corresponding value pmk_op., possibly leading to system instability."], "name": "CVE-2024-27048", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27048\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27048\nhttps://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27048-016f@gregkh/T"], "threat_severity": "Moderate"}

{}