We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8, which can never reach the number found when that's bigger than 255, and is stored in a u32 variable. Also move it into the loops to have a smaller scope. Using a u32 there is fine, we limit the number of APs in the scan list and each has a limit on the number of RNR entries due to the frame size. With a limit of 1000 scan results, a frame size upper bound of 4096 (really it's more like ~2300) and a TBTT entry size of at least 11, we get an upper bound for the number of ~372k, well in the bounds of a u32.
Reserved 2024-11-19 | Published 2024-11-19 | Updated 2024-11-19 | Assigner Linuxgit.kernel.org/stable/c/2ac15e5a8f42fed5d90ed9e1197600913678c50f
git.kernel.org/stable/c/cde8a7eb5c6762264ff0f4433358e0a0d250c875
git.kernel.org/stable/c/fc621e7a043de346c33bd7ae7e2e0c651d6152ef
git.kernel.org/stable/c/2ccd5badadab2d586e91546bf5af3deda07fef1f
git.kernel.org/stable/c/7245012f0f496162dd95d888ed2ceb5a35170f1a
Support options