CVE-2024-47721

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading

The handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM isn't implemented, but driver expects number of handlers is NUM_OF_RTW89_MAC_C2H_FUNC_WOW causing out-of-bounds access. Fix it by removing ID.

Addresses-Coverity-ID: 1598775 ("Out-of-bounds read")

Configurations

Configuration 1

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

23 Oct 2024, 20:57

| Type | Values Removed | Values Added |
|---|---|---|
| First Time | | Linux linux Kernel; Linux |
| CPE | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| CVSS | v2 : unknown; v3 : unknown | v2 : unknown; v3 : 7.1 |
| References | () https://git.kernel.org/stable/c/10463308b9454f534d03300cf679bc4b3d078f46 - | () https://git.kernel.org/stable/c/10463308b9454f534d03300cf679bc4b3d078f46 - Patch |
| References | () https://git.kernel.org/stable/c/2c9c2d1a20916589497a7facbea3e82cabec4ab8 - | () https://git.kernel.org/stable/c/2c9c2d1a20916589497a7facbea3e82cabec4ab8 - Patch |
| References | () https://git.kernel.org/stable/c/56310ddb50b190b3390fdc974aec455d0a516bd2 - | () https://git.kernel.org/stable/c/56310ddb50b190b3390fdc974aec455d0a516bd2 - Patch |
| Summary | | (es) In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading. The handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM is not implemented, but the driver expects the number of handlers to be NUM_OF_RTW89_MAC_C2H_FUNC_WOW, which causes an out-of-bounds access. Fix the problem by removing the ID. Addresses-Coverity-ID: 1598775 ("Out-of-bounds read") |
| CWE | | CWE-125 |

21 Oct 2024, 12:15

| Type | Values Removed | Values Added |
|---|---|---|
| New CVE | | |

Information

Published : 2024-10-21 12:15

Updated : 2024-10-23 20:57


NVD link : CVE-2024-47721

Mitre link : CVE-2024-47721

CVE.ORG link : CVE-2024-47721


Products Affected

linux

  • linux_kernel
CWE
CWE-125

Out-of-bounds Read