CVE-2024-36970

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: Use request_module_nowait

This appears to work around a deadlock regression that came in with the LED merge in 6.9.

The deadlock happens on my system with 24 iwlwifi radios, so maybe it something like all worker threads are busy and some work that needs to complete cannot complete.

[also remove unnecessary "load_module" var and now-wrong comment]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf5c31bcf604db54470868f3118a60dc4a9ba8813 < d20013259539e2fde2deeac85354851097afdf9eaffected
LinuxLinuxf5c31bcf604db54470868f3118a60dc4a9ba8813 < 3d913719df14c28c4d3819e7e6d150760222bda4affected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.9.2 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References