{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "fbdf0c5248dce4b55181e9aff8f1b61819ba6bd7"
            },
            {
              "fixed": "c7115b8229f3e6cdfae43b1cdd180f5b6c67cd70"
            },
            {
              "fixed": "1be94490b6b8a06ff14cd23fda8714e6ec37cdfb"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/57xxx/CVE-2024-57992.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: unregister wiphy only if it has been registered\n\nThere is a specific error path in probe functions in wilc drivers (both\nsdio and spi) which can lead to kernel panic, as this one for example\nwhen using SPI:\n\nUnable to handle kernel paging request at virtual address 9f000000 when read\n[9f000000] *pgd=00000000\nInternal error: Oops: 5 [#1] ARM\nModules linked in: wilc1000_spi(+) crc_itu_t crc7 wilc1000 cfg80211 bluetooth ecdh_generic ecc\nCPU: 0 UID: 0 PID: 106 Comm: modprobe Not tainted 6.13.0-rc3+ #22\nHardware name: Atmel SAMA5\nPC is at wiphy_unregister+0x244/0xc40 [cfg80211]\nLR is at wiphy_unregister+0x1c0/0xc40 [cfg80211]\n[...]\n wiphy_unregister [cfg80211] from wilc_netdev_cleanup+0x380/0x494 [wilc1000]\n wilc_netdev_cleanup [wilc1000] from wilc_bus_probe+0x360/0x834 [wilc1000_spi]\n wilc_bus_probe [wilc1000_spi] from spi_probe+0x15c/0x1d4\n spi_probe from really_probe+0x270/0xb2c\n really_probe from __driver_probe_device+0x1dc/0x4e8\n __driver_probe_device from driver_probe_device+0x5c/0x140\n driver_probe_device from __driver_attach+0x220/0x540\n __driver_attach from bus_for_each_dev+0x13c/0x1a8\n bus_for_each_dev from bus_add_driver+0x2a0/0x6a4\n bus_add_driver from driver_register+0x27c/0x51c\n driver_register from do_one_initcall+0xf8/0x564\n do_one_initcall from do_init_module+0x2e4/0x82c\n do_init_module from load_module+0x59a0/0x70c4\n load_module from init_module_from_file+0x100/0x148\n init_module_from_file from sys_finit_module+0x2fc/0x924\n sys_finit_module from ret_fast_syscall+0x0/0x1c\n\nThe issue can easily be reproduced, for example by not wiring correctly\na wilc device through SPI (and so, make it unresponsive to early SPI\ncommands). It is due to a recent change decoupling wiphy allocation from\nwiphy registration, however wilc_netdev_cleanup has not been updated\naccordingly, letting it possibly call wiphy unregister on a wiphy which\nhas never been registered.\n\nFix this crash by moving wiphy_unregister/wiphy_free out of\nwilc_netdev_cleanup, and by adjusting error paths in both drivers",
  "id": "CVE-2024-57992",
  "modified": "2026-04-01T23:08:20.292039703Z",
  "published": "2025-02-27T02:07:14.278Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1be94490b6b8a06ff14cd23fda8714e6ec37cdfb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c7115b8229f3e6cdfae43b1cdd180f5b6c67cd70"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/57xxx/CVE-2024-57992.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57992"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.3",
  "summary": "wifi: wilc1000: unregister wiphy only if it has been registered"
}