[SRU][N][PATCH 0/1] CVE-2024-53156
Bethany Jamison
bethany.jamison at canonical.com
Mon Feb 10 17:31:09 UTC 2025
[Impact]
wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
There is an array index out of bounds in drivers/net/wireless/ath/ath9k/htc_hst.c
caused by insufficient verification of conn_rsp_epid. To fix this, add a range check for
conn_rsp_epid to htc_connect_service() to prevent the bug from occurring.
[Fix]
Oracular: pending (6.11.0-17.17)
Noble: Clean cherry-pick from linux-6.11.y
Jammy: pending
Focal: pending
Bionic: fix sent to esm ML
Xenial: fix sent to esm ML
Trusty: won't fix as it is not critical
[Test Case]
Compile tested.
[Where problems could occur]
This fix affects those who use Atheros 802.11n USB chipsets.
An issue with this fix would be visible to the user via unexpected
system behavior.
Jeongjun Park (1):
wifi: ath9k: add range check for conn_rsp_epid in
htc_connect_service()
drivers/net/wireless/ath/ath9k/htc_hst.c | 3 +++
1 file changed, 3 insertions(+)
--
2.43.0