CVE-2024-58014
Published: 27 February 2025
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access. Compile tested only. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Security Summary
CVE-2024-58014 is a vulnerability in the Linux kernel's brcmsmac WiFi driver, specifically within the wlc_phy_iqcal_gainparams_nphy() function. The issue stems from a missing gain range check, which could lead to an out-of-bounds read access to the tbl_iqcal_gainparams_nphy array. This flaw, classified under CWE-125 (Out-of-bounds Read), carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H), indicating high severity due to potential confidentiality and availability impacts.
A local attacker with low privileges (PR:L) can exploit this vulnerability with low attack complexity and no user interaction required. Successful exploitation could result in high confidentiality loss, such as unauthorized access to sensitive data, and high availability disruption, potentially causing denial of service through kernel crashes or instability.
Mitigation is provided through patches applied to stable Linux kernel versions, as detailed in kernel commit references including 093286c33409bf38896f2dab0c0bb6ca388afb33, 0a457223cb2b9ca46bae7de387d0f4c093b0220d, 13ef16c4fe384b1e70277bbe1d87934ee6c81e12, 3f4a0948c3524ae50f166dbc6572a3296b014e62, and 6f6e293246dc1f5b2b6b3d0f2d757598489cda79. These commits add the necessary gain range check before accessing the array, redirecting invalid cases to a WARN() instead.
The vulnerability was identified by the Linux Verification Center (linuxtesting.org) using the SVACE static analysis tool, with patches compile-tested only. No public reports of real-world exploitation exist as of the CVE publication on 2025-02-27.
Details
- CWE(s)