CVE-2024-47738

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no supported rate warning reported by syzbot. The syzbot did bisect and found cause is commit 9df66d5b9f45 ("cfg80211: fix default HE tx bitrate mask in 2G band"), which however corrects bitmask of HE MCS and recognizes correctly settings of empty legacy rate plus HE MCS rate instead of returning -EINVAL. As suggestions [1], follow the change of SCAN TX to consider this case of offchannel TX as well. [1] https://lore.kernel.org/linux-wireless/6ab2dc9c3afe753ca6fdcdd1421e7a1f47e87b84.camel@sipsolutions.net/T/#m2ac2a6d2be06a37c9c47a3d8a44b4f647ed4f024
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

23 Oct 2024, 22:12

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
First Time Linux linux Kernel
Linux
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 3.3
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mac80211: tampoco use máscara de velocidad para TX fuera de canal Al igual que el commit ab9177d83c04 ("wifi: mac80211: no use máscara de velocidad para escanear"), ignore las configuraciones incorrectas para evitar la advertencia de velocidad no admitida informada por syzbot. El syzbot dividió y encontró la causa en el commit 9df66d5b9f45 ("cfg80211: corrige la máscara de velocidad de bits de transmisión HE predeterminada en la banda 2G"), que sin embargo corrige la máscara de bits de HE MCS y reconoce correctamente las configuraciones de la velocidad heredada vacía más la velocidad de HE MCS en lugar de devolver -EINVAL. Como sugerencias [1], siga el cambio de SCAN TX para considerar también este caso de TX fuera de canal. [1] https://lore.kernel.org/linux-wireless/6ab2dc9c3afe753ca6fdcdd1421e7a1f47e87b84.camel@sipsolutions.net/T/#m2ac2a6d2be06a37c9c47a3d8a44b4f647ed4f024
References () https://git.kernel.org/stable/c/3565ef215101ffadb5fe5394c70b1fca51376b25 - () https://git.kernel.org/stable/c/3565ef215101ffadb5fe5394c70b1fca51376b25 - Patch
References () https://git.kernel.org/stable/c/43897111481b679508711d3ca881c4c6593e9247 - () https://git.kernel.org/stable/c/43897111481b679508711d3ca881c4c6593e9247 - Patch
References () https://git.kernel.org/stable/c/aafca50e71dc8f3192a5bfb325135a7908f3ef9e - () https://git.kernel.org/stable/c/aafca50e71dc8f3192a5bfb325135a7908f3ef9e - Patch
References () https://git.kernel.org/stable/c/d54455a3a965feb547711aff7afd2ca5deadb99c - () https://git.kernel.org/stable/c/d54455a3a965feb547711aff7afd2ca5deadb99c - Patch
References () https://git.kernel.org/stable/c/e7a7ef9a0742dbd0818d5b15fba2c5313ace765b - () https://git.kernel.org/stable/c/e7a7ef9a0742dbd0818d5b15fba2c5313ace765b - Patch

21 Oct 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 13:15

Updated : 2024-10-23 22:12


NVD link : CVE-2024-47738

Mitre link : CVE-2024-47738

CVE.ORG link : CVE-2024-47738


JSON object : View

Products Affected

linux

  • linux_kernel