CVE-2024-38562
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: nl80211: Avoid address calculations via out of bounds array indexing
Before request->channels[] can be used, request->n_channels must be set. Additionally, address calculations for memory after the "channels" array need to be calculated from the allocation base ("request") rather than via the first "out of bounds" index of "channels", otherwise run-time bounds checking will throw a warning.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | e3eac9f32ec04112b39e01b574ac739382469bf9 < ed74398642fcb19f6ff385c35a7d512c6663e17b | affected |
| Linux | Linux | e3eac9f32ec04112b39e01b574ac739382469bf9 < 4e2a5566462b53db7d4c4722da86eedf0b8f546c | affected |
| Linux | Linux | e3eac9f32ec04112b39e01b574ac739382469bf9 < 8fa4d56564ee7cc2ee348258d88efe191d70dd7f | affected |
| Linux | Linux | e3eac9f32ec04112b39e01b574ac739382469bf9 < 838c7b8f1f278404d9d684c34a8cb26dc41aaaa1 | affected |
| Linux | Linux | 6.6 | affected |
| Linux | Linux | 0 < 6.6 | unaffected |
| Linux | Linux | 6.6.33 <= 6.6.* | unaffected |
| Linux | Linux | 6.8.12 <= 6.8.* | unaffected |
| Linux | Linux | 6.9.3 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/ed74398642fcb19f6ff385c35a7d512c6663e17b
- https://git.kernel.org/stable/c/4e2a5566462b53db7d4c4722da86eedf0b8f546c
- https://git.kernel.org/stable/c/8fa4d56564ee7cc2ee348258d88efe191d70dd7f
- https://git.kernel.org/stable/c/838c7b8f1f278404d9d684c34a8cb26dc41aaaa1
References
- https://git.kernel.org/stable/c/ed74398642fcb19f6ff385c35a7d512c6663e17b
- https://git.kernel.org/stable/c/4e2a5566462b53db7d4c4722da86eedf0b8f546c
- https://git.kernel.org/stable/c/8fa4d56564ee7cc2ee348258d88efe191d70dd7f
- https://git.kernel.org/stable/c/838c7b8f1f278404d9d684c34a8cb26dc41aaaa1
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.