We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-53055

wifi: iwlwifi: mvm: fix 6 GHz scan construction



Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8, which can never reach the number found when that's bigger than 255, and is stored in a u32 variable. Also move it into the loops to have a smaller scope. Using a u32 there is fine, we limit the number of APs in the scan list and each has a limit on the number of RNR entries due to the frame size. With a limit of 1000 scan results, a frame size upper bound of 4096 (really it's more like ~2300) and a TBTT entry size of at least 11, we get an upper bound for the number of ~372k, well in the bounds of a u32.

Reserved 2024-11-19 | Published 2024-11-19 | Updated 2024-11-19 | Assigner Linux

Product status

Default status
unaffected

eae94cf82d74 before 2ac15e5a8f42
affected

eae94cf82d74 before cde8a7eb5c67
affected

eae94cf82d74 before fc621e7a043d
affected

eae94cf82d74 before 2ccd5badadab
affected

eae94cf82d74 before 7245012f0f49
affected

Default status
affected

5.11
affected

Any version before 5.11
unaffected

5.15.171
unaffected

6.1.116
unaffected

6.6.60
unaffected

6.11.7
unaffected

6.12
unaffected

References

git.kernel.org/stable/c/2ac15e5a8f42fed5d90ed9e1197600913678c50f

git.kernel.org/stable/c/cde8a7eb5c6762264ff0f4433358e0a0d250c875

git.kernel.org/stable/c/fc621e7a043de346c33bd7ae7e2e0c651d6152ef

git.kernel.org/stable/c/2ccd5badadab2d586e91546bf5af3deda07fef1f

git.kernel.org/stable/c/7245012f0f496162dd95d888ed2ceb5a35170f1a

cve.org (CVE-2024-53055)

nvd.nist.gov (CVE-2024-53055)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-53055

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.