{"id":"CVE-2024-38575","summary":"wifi: brcmfmac: pcie: handle randbuf allocation failure","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: pcie: handle randbuf allocation failure\n\nThe kzalloc() in brcmf_pcie_download_fw_nvram() will return null\nif the physical memory has run out. As a result, if we use\nget_random_bytes() to generate random bytes in the randbuf, the\nnull pointer dereference bug will happen.\n\nIn order to prevent allocation failure, this patch adds a separate\nfunction using buffer on kernel stack to generate random bytes in\nthe randbuf, which could prevent the kernel stack from overflow.","modified":"2026-04-16T04:34:44.564498943Z","published":"2024-06-19T13:37:34.476Z","related":["ALSA-2024:5102","ALSA-2024:5363","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38575.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49"},{"type":"WEB","url":"https://git.kernel.org/stable/c/316f790ebcf94bdf59f794b7cdea4068dc676d4c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3729ca9e48d19a03ae049e2bde510e161c2f3720"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7c15eb344b0d4d3468c9b2a7591ad2b859b29b88"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c37466406f075476c2702ecc01917928af871f3b"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38575.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38575"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c35105f375b530bc27e03ea9250b1c26dd4cae86"},{"fixed":"0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"91918ce88d9fef408bb12c46a27c73d79b604c20"},{"fixed":"c37466406f075476c2702ecc01917928af871f3b"},{"fixed":"7c15eb344b0d4d3468c9b2a7591ad2b859b29b88"},{"fixed":"3729ca9e48d19a03ae049e2bde510e161c2f3720"},{"fixed":"316f790ebcf94bdf59f794b7cdea4068dc676d4c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"ba72baed066f3bfa8b489e4b58f1fcaf51c04f83"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38575.json"}}],"schema_version":"1.7.5"}