7.8
CVE-2024-49930
- EPSS 0.26%
- Veröffentlicht 21.10.2024 18:15:14
- Zuletzt bearbeitet 12.05.2026 12:17:17
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
wifi: ath11k: fix array out-of-bound access in SoC stats
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() function access ath11k_soc_dp_stats::hal_reo_error using the REO destination SRNG ring ID, which is incorrect. SRNG ring ID differ from normal ring ID, and this usage leads to out-of-bounds array access. To fix this issue, modify ath11k_dp_process_rx() to use the normal ring ID directly instead of the SRNG ring ID to avoid out-of-bounds array access. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.10.227
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.168
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.113
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.55
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.14
Linux ≫ Linux Kernel Version >= 6.11 < 6.11.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.169 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/01b77f5ee11c89754fb836af8f76799d3b72ae2f
https://git.kernel.org/stable/c/0f26f26944035ec67546a944f182cbad6577a9c0
https://git.kernel.org/stable/c/4dd732893bd38cec51f887244314e2b47f0d658f
https://git.kernel.org/stable/c/6045ef5b4b00fee3629689f791992900a1c94009
https://git.kernel.org/stable/c/69f253e46af98af17e3efa3e5dfa72fcb7d1983d
https://git.kernel.org/stable/c/73e235728e515faccc104b0153b47d0f263b3344
https://git.kernel.org/stable/c/7a552bc2f3efe2aaf77a85cb34cdf4a63d81a1a7
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
https://cert-portal.siemens.com/productcert/html/ssa-355557.html