5.5

CVE-2024-26779

wifi: mac80211: fix race condition on enabling fast-xmit

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: fix race condition on enabling fast-xmit

fast-xmit must only be enabled after the sta has been uploaded to the driver,
otherwise it could end up passing the not-yet-uploaded sta via drv_tx calls
to the driver, leading to potential crashes because of uninitialized drv_priv
data.
Add a missing sta->uploaded check and re-check fast xmit after inserting a sta.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.19.308
LinuxLinux Kernel Version >= 4.20 < 5.4.270
LinuxLinux Kernel Version >= 5.5 < 5.10.211
LinuxLinux Kernel Version >= 5.11 < 5.15.150
LinuxLinux Kernel Version >= 5.16 < 6.1.80
LinuxLinux Kernel Version >= 6.2 < 6.6.19
LinuxLinux Kernel Version >= 6.7 < 6.7.7
LinuxLinux Kernel Version6.8 Updaterc1
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.09
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Mailing List
https://git.kernel.org/stable/c/281280276b70c822f55ce15b661f6d1d3228aaa9
Patch
https://git.kernel.org/stable/c/54b79d8786964e2f840e8a2ec4a9f9a50f3d4954
Patch
https://git.kernel.org/stable/c/5ffab99e070b9f8ae0cf60c3c3602b84eee818dd
Patch
https://git.kernel.org/stable/c/76fad1174a0cae6fc857b9f88b261a2e4f07d587
Patch
https://git.kernel.org/stable/c/85720b69aef177318f4a18efbcc4302228a340e5
Patch
https://git.kernel.org/stable/c/88c18fd06608b3adee547102505d715f21075c9d
Patch
https://git.kernel.org/stable/c/bcbc84af1183c8cf3d1ca9b78540c2185cd85e7f
Patch
https://git.kernel.org/stable/c/eb39bb548bf974acad7bd6780fe11f9e6652d696
Patch