CVE-2024-35789

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can cause use-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx after the VLAN change.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa7f1721684628b8ae6015bca9a176046ee6f30cc < ea9a0cfc07a7d3601cc680718d9cff0d6927a921affected
LinuxLinuxbd7e90c82850f49c23004d54de14e46d373748a6 < be1dd9254fc115321d6fbee042026d42afc8d931affected
LinuxLinuxcc413b375c6d95e68a4629cb1ba9d099de78ebb9 < e8b067c4058c0121ac8ca71559df8e2e08ff1a7eaffected
LinuxLinuxdd0b45538146cb6a54d6da7663b8c3afd16ebcfd < c8bddbd91bc8e42c961a5e2cec20ab879f21100faffected
LinuxLinuxdd0b45538146cb6a54d6da7663b8c3afd16ebcfd < 7eeabcea79b67cc29563e6a9a5c81f9e2c664d5baffected
LinuxLinuxdd0b45538146cb6a54d6da7663b8c3afd16ebcfd < 6b948b54c8bd620725e0c906e44b10c0b13087a7affected
LinuxLinuxdd0b45538146cb6a54d6da7663b8c3afd16ebcfd < 2884a50f52313a7a911de3afcad065ddbb3d78fcaffected
LinuxLinuxdd0b45538146cb6a54d6da7663b8c3afd16ebcfd < e8678551c0243f799b4859448781cbec1bd6f1cbaffected
LinuxLinuxdd0b45538146cb6a54d6da7663b8c3afd16ebcfd < 4f2bdb3c5e3189297e156b3ff84b140423d64685affected
LinuxLinux22bc2a4814440c4a8979a381f46fec5d224f5c11affected
LinuxLinux7cfe824f681e1aaac34ea64bb4def8a77801b672affected
LinuxLinux4.19.189 < 4.19.312affected
LinuxLinux5.4.114 < 5.4.274affected
LinuxLinux5.10.32 < 5.10.215affected
LinuxLinux4.14.232 < 4.15affected
LinuxLinux5.11.16 < 5.12affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux4.19.312 <= 4.19.*unaffected
LinuxLinux5.4.274 <= 5.4.*unaffected
LinuxLinux5.10.215 <= 5.10.*unaffected
LinuxLinux5.15.154 <= 5.15.*unaffected
LinuxLinux6.1.84 <= 6.1.*unaffected
LinuxLinux6.6.24 <= 6.6.*unaffected
LinuxLinux6.7.12 <= 6.7.*unaffected
LinuxLinux6.8.3 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References