CVE-2024-27056Linux vulnerability

7 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 96.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
LinuxLinux KernelDebian Linux+4 more
Timeline
PublishedMay 1
Latest updateMay 14

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated by the firmware. In the unusual event that no packets have been send on TID 0, the queue will not have been allocated and this causes a crash. Fix this by ensuring the queue exist at suspend time.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

NVDlinux/linux_kernel6.26.6.85+3
Debianlinux/linux_kernel< 6.1.133-1+2
CVEListV5linux/linuxba7136f3f9e849e5776429317bf45ac3d4cfa3f74903303f25f48b5a1e34e6324c7fae9ccd6b959a+4
debiandebian/linux< linux 6.1.133-1 (bookworm)
debiandebian/linux-6.1< linux 6.1.133-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-f487-f23r-hjx6: In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assu2024-05-01
OSV
CVE-2024-27056: In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assume2024-05-01

📋Vendor Advisories

3
Microsoft
wifi: iwlwifi: mvm: ensure offloading TID queue exists2024-05-14
Red Hat
kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists2024-05-01
Debian
CVE-2024-27056: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwi...2024

💬Community

1
Bugzilla
CVE-2024-27056 kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists2024-05-01