{
  "threat_severity" : "Moderate",
  "public_date" : "2024-05-01T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: wifi: brcm80211: handle pmk_op allocation failure",
    "id" : "2278431",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2278431"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nwifi: brcm80211: handle pmk_op allocation failure\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op.", "A vulnerability was found in the Linux kernel's Wi-Fi cfg80211.c driver, where a lack of proper checks can result in a NULL pointer dereference. This issue occurs when the brcmf_pmksa_v3_op() function attempts to call malloc (), but the physical memory has run out. In this situation, kzalloc() will return NULL, which the function does not check before using it in the corresponding value pmk_op., possibly leading to system instability." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-06-05T00:00:00Z",
    "advisory" : "RHSA-2024:3627",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-06-05T00:00:00Z",
    "advisory" : "RHSA-2024:3618",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.5.1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "release_date" : "2025-04-16T00:00:00Z",
    "advisory" : "RHSA-2025:3935",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.4",
    "package" : "kernel-0:5.14.0-427.65.1.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-27048\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27048\nhttps://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27048-016f@gregkh/T" ],
  "name" : "CVE-2024-27048",
  "csaw" : false
}