CVE-2024-50008

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexible-array member in `struct host_cmd_ds_802_11_scan_ext`. With this, fix the following warning: elo 16 17:51:58 surfacebook kernel: ------------[ cut here ]------------ elo 16 17:51:58 surfacebook kernel: memcpy: detected field-spanning write (size 243) of single field "ext_scan->tlv_buffer" at drivers/net/wireless/marvell/mwifiex/scan.c:2239 (size 1) elo 16 17:51:58 surfacebook kernel: WARNING: CPU: 0 PID: 498 at drivers/net/wireless/marvell/mwifiex/scan.c:2239 mwifiex_cmd_802_11_scan_ext+0x83/0x90 [mwifiex]

Reserved 2024-10-21 | Published 2024-10-21 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b55c8848fdc81514ec047b2a0ec782ffe9ab5323
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before f9310a6704bf52e2493480edea896e1f9b795d40
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 1756918f51e9ab247a0f4782cc28853c2bb457c1
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before e59bdb1ba594104cd0ee0af3ee9e4435d842a8fe
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 17199b69a84798efffc475040fbef44374ef1de1
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before fef7b51f22cf2049b0ca6740adeb0ba6f2e671dc
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 71267bd4e8c752d7af6c6b96bb83984a6a95273d
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a3a12c30f9510f3753286fadbc6cdb7dad78c1d5
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 498365e52bebcbc36a93279fe7e9d6aec8479cee
affected

Default status
affected

4.19.323
unaffected

5.4.285
unaffected

5.10.227
unaffected

5.15.168
unaffected

6.1.113
unaffected

6.6.55
unaffected

6.10.14
unaffected

6.11.3
unaffected

6.12
unaffected

References

git.kernel.org/...c/b55c8848fdc81514ec047b2a0ec782ffe9ab5323

git.kernel.org/...c/f9310a6704bf52e2493480edea896e1f9b795d40

git.kernel.org/...c/1756918f51e9ab247a0f4782cc28853c2bb457c1

git.kernel.org/...c/e59bdb1ba594104cd0ee0af3ee9e4435d842a8fe

git.kernel.org/...c/17199b69a84798efffc475040fbef44374ef1de1

git.kernel.org/...c/fef7b51f22cf2049b0ca6740adeb0ba6f2e671dc

git.kernel.org/...c/71267bd4e8c752d7af6c6b96bb83984a6a95273d

git.kernel.org/...c/a3a12c30f9510f3753286fadbc6cdb7dad78c1d5

git.kernel.org/...c/498365e52bebcbc36a93279fe7e9d6aec8479cee

cve.org (CVE-2024-50008)

nvd.nist.gov (CVE-2024-50008)

Download JSON