[SRU][F][PATCH 0/1] CVE-2024-40929
Koichiro Den
koichiro.den at canonical.com
Wed Sep 11 01:54:40 UTC 2024
[Impact]
wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
In some versions of cfg80211, the ssids poinet might be a valid one even
though n_ssids is 0. Accessing the pointer in this case will cuase an
out-of-bound access. Fix this by checking n_ssids first.
[Backport]
Adjusted context due to multiple missing commits, including commit
19ff9b2c6e3c ("iwlwifi: scan: adapt the code to use api ver 11").
[Fix]
Noble: fixed via stable
Jammy: fixed via stable
Focal: Backport - adjusted contexts, see [Backport]
Bionic: not affected
Xenial: not affected
Trusty: not affected
[Test case]
Compile and boot tested
[Where problems could occur]
This fix affects those who use iwlwifi, an issue with this fix would be
visible to the user via OOB, potentially leading to a system crash.
Miri Korenblit (1):
wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
drivers/net/wireless/intel/iwlwifi/mvm/scan.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
2.43.0
More information about the kernel-team
mailing list