{"api_version":"1","generated_at":"2026-05-13T08:51:23+00:00","cve":"CVE-2024-27053","urls":{"html":"https://cve.report/CVE-2024-27053","api":"https://cve.report/api/cve/CVE-2024-27053.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-27053","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-27053"},"summary":{"title":"wifi: wilc1000: fix RCU usage in connect path","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix RCU usage in connect path\n\nWith lockdep enabled, calls to the connect function from cfg802.11 layer\nlead to the following warning:\n\n=============================\nWARNING: suspicious RCU usage\n6.7.0-rc1-wt+ #333 Not tainted\n-----------------------------\ndrivers/net/wireless/microchip/wilc1000/hif.c:386\nsuspicious rcu_dereference_check() usage!\n[...]\nstack backtrace:\nCPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x48\n dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4\n wilc_parse_join_bss_param from connect+0x2c4/0x648\n connect from cfg80211_connect+0x30c/0xb74\n cfg80211_connect from nl80211_connect+0x860/0xa94\n nl80211_connect from genl_rcv_msg+0x3fc/0x59c\n genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8\n netlink_rcv_skb from genl_rcv+0x2c/0x3c\n genl_rcv from netlink_unicast+0x3b0/0x550\n netlink_unicast from netlink_sendmsg+0x368/0x688\n netlink_sendmsg from ____sys_sendmsg+0x190/0x430\n ____sys_sendmsg from ___sys_sendmsg+0x110/0x158\n ___sys_sendmsg from sys_sendmsg+0xe8/0x150\n sys_sendmsg from ret_fast_syscall+0x0/0x1c\n\nThis warning is emitted because in the connect path, when trying to parse\ntarget BSS parameters, we dereference a RCU pointer whithout being in RCU\ncritical section.\nFix RCU dereference usage by moving it to a RCU read critical section. To\navoid wrapping the whole wilc_parse_join_bss_param under the critical\nsection, just use the critical section to copy ies data","state":"PUBLISHED","assigner":"Linux","published_at":"2024-05-01 13:15:50","updated_at":"2026-05-12 12:16:31"},"problem_types":["CWE-476","CWE-476 CWE-476 NULL Pointer Dereference"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"9.1","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.1,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"9.1","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","name":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f","name":"https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce","name":"https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html","name":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html","refsource":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2","name":"https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2","name":"https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38","name":"https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2","name":"https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de","name":"https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7","name":"https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-27053","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27053","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac e556006de4ea93abe2b46cba202a2556c544b8b2 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac b4bbf38c350acb6500cbe667b1e2e68f896e4b38 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac 745003b5917b610352f52fe0d11ef658d6471ec2 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac 4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac 5800ec78775c0cd646f71eb9bf8402fb794807de git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac dd50d3ead6e3707bb0a5df7cc832730c93ace3a7 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c460495ee072fc01a9b1e8d72c179510418cafac 205c50306acf58a335eb19fa84e40140f4fe814f git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 5.1","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.1 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.4.273 5.4.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.10.214 5.10.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.15.153 5.15.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.83 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.23 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.7.11 6.7.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.8.2 6.8.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.9 * original_commit_for_fix","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 e556006de4ea custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 b4bbf38c350a custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 d80fc436751c custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 745003b5917b custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 4bfd20d5f5c custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 5800ec78775c custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 dd50d3ead6e3 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected c460495ee072 205c50306acf custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 5.4.273 5.5 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 5.15.153 5.16 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 6.1.83 6.2 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 6.6.23 6.7 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 6.7.11 6.8 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 6.9","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 5.1 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"affected 5.1","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 5.10.214 5.11 custom","platforms":[]},{"source":"ADP","vendor":"linux","product":"linux_kernel","version":"unaffected 6.8.2 6.9 custom","platforms":[]},{"source":"ADP","vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","version":"affected * custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"27053","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"affected":[{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"e556006de4ea","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"b4bbf38c350a","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"d80fc436751c","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"745003b5917b","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"4bfd20d5f5c","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"5800ec78775c","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"dd50d3ead6e3","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"205c50306acf","status":"affected","version":"c460495ee072","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThanOrEqual":"5.5","status":"unaffected","version":"5.4.273","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThanOrEqual":"5.16","status":"unaffected","version":"5.15.153","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThanOrEqual":"6.2","status":"unaffected","version":"6.1.83","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThanOrEqual":"6.7","status":"unaffected","version":"6.6.23","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThanOrEqual":"6.8","status":"unaffected","version":"6.7.11","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"status":"unaffected","version":"6.9"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThan":"5.1","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:5.1:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"status":"affected","version":"5.1"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThanOrEqual":"5.11","status":"unaffected","version":"5.10.214","versionType":"custom"}]},{"cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","product":"linux_kernel","vendor":"linux","versions":[{"lessThanOrEqual":"6.9","status":"unaffected","version":"6.8.2","versionType":"custom"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.1,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2024-27053","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-02-05T20:53:59.281892Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-02-05T20:56:44.439Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2024-08-02T00:21:05.869Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2"},{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38"},{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"},{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2"},{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"},{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de"},{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"},{"tags":["x_transferred"],"url":"https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f"},{"tags":["x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}],"title":"CVE Program Container"},{"affected":[{"defaultStatus":"unknown","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","vendor":"Siemens","versions":[{"lessThan":"*","status":"affected","version":"0","versionType":"custom"}]}],"providerMetadata":{"dateUpdated":"2026-05-12T11:51:19.382Z","orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP"},"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}],"x_adpType":"supplier"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/net/wireless/microchip/wilc1000/hif.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"e556006de4ea93abe2b46cba202a2556c544b8b2","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"},{"lessThan":"b4bbf38c350acb6500cbe667b1e2e68f896e4b38","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"},{"lessThan":"d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"},{"lessThan":"745003b5917b610352f52fe0d11ef658d6471ec2","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"},{"lessThan":"4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"},{"lessThan":"5800ec78775c0cd646f71eb9bf8402fb794807de","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"},{"lessThan":"dd50d3ead6e3707bb0a5df7cc832730c93ace3a7","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"},{"lessThan":"205c50306acf58a335eb19fa84e40140f4fe814f","status":"affected","version":"c460495ee072fc01a9b1e8d72c179510418cafac","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/net/wireless/microchip/wilc1000/hif.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"5.1"},{"lessThan":"5.1","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"5.4.*","status":"unaffected","version":"5.4.273","versionType":"semver"},{"lessThanOrEqual":"5.10.*","status":"unaffected","version":"5.10.214","versionType":"semver"},{"lessThanOrEqual":"5.15.*","status":"unaffected","version":"5.15.153","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.83","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.23","versionType":"semver"},{"lessThanOrEqual":"6.7.*","status":"unaffected","version":"6.7.11","versionType":"semver"},{"lessThanOrEqual":"6.8.*","status":"unaffected","version":"6.8.2","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"6.9","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.4.273","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.10.214","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.153","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.83","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.23","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.7.11","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.8.2","versionStartIncluding":"5.1","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.9","versionStartIncluding":"5.1","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix RCU usage in connect path\n\nWith lockdep enabled, calls to the connect function from cfg802.11 layer\nlead to the following warning:\n\n=============================\nWARNING: suspicious RCU usage\n6.7.0-rc1-wt+ #333 Not tainted\n-----------------------------\ndrivers/net/wireless/microchip/wilc1000/hif.c:386\nsuspicious rcu_dereference_check() usage!\n[...]\nstack backtrace:\nCPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x48\n dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4\n wilc_parse_join_bss_param from connect+0x2c4/0x648\n connect from cfg80211_connect+0x30c/0xb74\n cfg80211_connect from nl80211_connect+0x860/0xa94\n nl80211_connect from genl_rcv_msg+0x3fc/0x59c\n genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8\n netlink_rcv_skb from genl_rcv+0x2c/0x3c\n genl_rcv from netlink_unicast+0x3b0/0x550\n netlink_unicast from netlink_sendmsg+0x368/0x688\n netlink_sendmsg from ____sys_sendmsg+0x190/0x430\n ____sys_sendmsg from ___sys_sendmsg+0x110/0x158\n ___sys_sendmsg from sys_sendmsg+0xe8/0x150\n sys_sendmsg from ret_fast_syscall+0x0/0x1c\n\nThis warning is emitted because in the connect path, when trying to parse\ntarget BSS parameters, we dereference a RCU pointer whithout being in RCU\ncritical section.\nFix RCU dereference usage by moving it to a RCU read critical section. To\navoid wrapping the whole wilc_parse_join_bss_param under the critical\nsection, just use the critical section to copy ies data"}],"providerMetadata":{"dateUpdated":"2026-05-11T20:09:29.759Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2"},{"url":"https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38"},{"url":"https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"},{"url":"https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2"},{"url":"https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"},{"url":"https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de"},{"url":"https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"},{"url":"https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f"}],"title":"wifi: wilc1000: fix RCU usage in connect path","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2024-27053","datePublished":"2024-05-01T12:54:45.964Z","dateReserved":"2024-02-19T14:20:24.214Z","dateUpdated":"2026-05-12T11:51:19.382Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2024-05-01 13:15:50","lastModifiedDate":"2026-05-12 12:16:31","problem_types":["CWE-476","CWE-476 CWE-476 NULL Pointer Dereference"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"5.4.273","matchCriteriaId":"BDE41967-4FDC-4FCF-B49A-14790AA86C64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.214","matchCriteriaId":"65987874-467B-4D3B-91D6-68A129B34FB8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.153","matchCriteriaId":"ACB69438-845D-4E3C-B114-3140611F9C0B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.83","matchCriteriaId":"121A07F6-F505-4C47-86BF-9BB6CC7B6C19"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.23","matchCriteriaId":"E00814DC-0BA7-431A-9926-80FEB4A96C68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.7.11","matchCriteriaId":"9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.8.2","matchCriteriaId":"543A75FF-25B8-4046-A514-1EA8EDD87AB1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"27053","Ordinal":"1","Title":"wifi: wilc1000: fix RCU usage in connect path","CVE":"CVE-2024-27053","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"27053","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix RCU usage in connect path\n\nWith lockdep enabled, calls to the connect function from cfg802.11 layer\nlead to the following warning:\n\n=============================\nWARNING: suspicious RCU usage\n6.7.0-rc1-wt+ #333 Not tainted\n-----------------------------\ndrivers/net/wireless/microchip/wilc1000/hif.c:386\nsuspicious rcu_dereference_check() usage!\n[...]\nstack backtrace:\nCPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x48\n dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4\n wilc_parse_join_bss_param from connect+0x2c4/0x648\n connect from cfg80211_connect+0x30c/0xb74\n cfg80211_connect from nl80211_connect+0x860/0xa94\n nl80211_connect from genl_rcv_msg+0x3fc/0x59c\n genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8\n netlink_rcv_skb from genl_rcv+0x2c/0x3c\n genl_rcv from netlink_unicast+0x3b0/0x550\n netlink_unicast from netlink_sendmsg+0x368/0x688\n netlink_sendmsg from ____sys_sendmsg+0x190/0x430\n ____sys_sendmsg from ___sys_sendmsg+0x110/0x158\n ___sys_sendmsg from sys_sendmsg+0xe8/0x150\n sys_sendmsg from ret_fast_syscall+0x0/0x1c\n\nThis warning is emitted because in the connect path, when trying to parse\ntarget BSS parameters, we dereference a RCU pointer whithout being in RCU\ncritical section.\nFix RCU dereference usage by moving it to a RCU read critical section. To\navoid wrapping the whole wilc_parse_join_bss_param under the critical\nsection, just use the critical section to copy ies data","Type":"Description","Title":"wifi: wilc1000: fix RCU usage in connect path"}]}}}