5.5

CVE-2023-53589

wifi: iwlwifi: mvm: don't trust firmware n_channels

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: don't trust firmware n_channels

If the firmware sends us a corrupted MCC response with
n_channels much larger than the command response can be,
we might copy far too much (uninitialized) memory and
even crash if the n_channels is large enough to make it
run out of the one page allocated for the FW response.

Fix that by checking the lengths. Doing a < comparison
would be sufficient, but the firmware should be doing
it correctly, so check more strictly.
Data provided by the National Vulnerability Database (NVD)
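
The length check the description calls for, as an added illustration that is not the kernel's code: the 4-byte header with a little-endian `n_channels` at bytes 2..3, the 4-byte channel entries, all names and the sample bytes are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout (illustrative, not the driver's struct): a 4-byte header
 * whose bytes 2..3 hold a little-endian n_channels, then 4 bytes per channel. */
#define HDR_LEN  4u
#define CHAN_LEN 4u

/* Bytes an unchecked copy would read if it trusted the firmware's count. */
static size_t trusted_len(const uint8_t *p)
{
    uint16_t n = (uint16_t)(p[2] | (p[3] << 8));
    return HDR_LEN + (size_t)n * CHAN_LEN;
}

/* Copy channel entries only if the count matches the bytes received.
 * Returns the number of channels copied, or -1 if the response is rejected. */
static int copy_channels(const uint8_t *p, size_t len,
                         uint8_t *out, size_t out_cap)
{
    size_t want;

    if (len < HDR_LEN)
        return -1;                       /* header itself is truncated */
    want = trusted_len(p);
    /* want <= len already stops the over-read; equality is the stricter
     * form, rejecting any response whose size and count disagree. */
    if (want != len)
        return -1;
    if (want - HDR_LEN > out_cap)
        return -1;                       /* destination too small */
    memcpy(out, p + HDR_LEN, want - HDR_LEN);
    return (int)((want - HDR_LEN) / CHAN_LEN);
}

/* Constructed sample responses: two channels, and a corrupted count. */
static const uint8_t good[12] = { 'U','S', 2,0, 1,0,0,0, 6,0,0,0 };
static const uint8_t bad[12]  = { 'U','S', 0xff,0xff, 1,0,0,0, 6,0,0,0 };
static uint8_t out_buf[64];

int main(void)
{
    printf("good: %d channels\n",
           copy_channels(good, sizeof(good), out_buf, sizeof(out_buf)));
    printf("bad:  %d (unchecked copy would read %zu bytes)\n",
           copy_channels(bad, sizeof(bad), out_buf, sizeof(out_buf)),
           trusted_len(bad));
    return 0;
}
```
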
Linux / Linux Kernel, version >= 4.1 < 5.4.244
Linux / Linux Kernel, version >= 5.5 < 5.10.181
Linux / Linux Kernel, version >= 5.11 < 5.15.113
Linux / Linux Kernel, version >= 5.16 < 6.1.30
Linux / Linux Kernel, version >= 6.2 < 6.3.4
Linux / Linux Kernel, version 6.4, update rc1
Linux / Linux Kernel, version 6.4, update rc2
VulnDex Vulnerability Enrichment
No warning was found for this CVE.
EPSS Metrics
Type    Source       Score    Percentile
EPSS    FIRST.org    0.02%    0.042
CVSS Metrics
Source          Base Score    Exploit Score    Impact Score    Vector String
nvd@nist.gov    5.5           1.8              3.6             CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
No CWE information has been published yet.