CVE-2024-53059
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
- The size of the response packet is not validated.
- The response buffer is not freed.
Resolve these issues by switching to iwl_mvm_send_cmd_status(), which handles both size validation and frees the buffer.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | f130bb75d8817c560b48c4d1a0e5279968a0859d < 9c98ee7ea463a838235e7a0e35851b38476364f2 | affected |
| Linux | Linux | f130bb75d8817c560b48c4d1a0e5279968a0859d < 45a628911d3c68e024eed337054a0452b064f450 | affected |
| Linux | Linux | f130bb75d8817c560b48c4d1a0e5279968a0859d < 3f45d590ccbae6dfd6faef54efe74c30bd85d3da | affected |
| Linux | Linux | f130bb75d8817c560b48c4d1a0e5279968a0859d < 64d63557ded6ff3ce72b18ab87a6c4b1b652161c | affected |
| Linux | Linux | f130bb75d8817c560b48c4d1a0e5279968a0859d < 3eb986c64c6bfb721950f9666a3b723cf65d043f | affected |
| Linux | Linux | f130bb75d8817c560b48c4d1a0e5279968a0859d < 9480c3045f302f43f9910d2d556d6cf5a62c1822 | affected |
| Linux | Linux | f130bb75d8817c560b48c4d1a0e5279968a0859d < 07a6e3b78a65f4b2796a8d0d4adb1a15a81edead | affected |
| Linux | Linux | 5.1 | affected |
| Linux | Linux | 0 < 5.1 | unaffected |
| Linux | Linux | 5.4.285 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.229 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.171 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.116 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.60 <= 6.6.* | unaffected |
| Linux | Linux | 6.11.7 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-355557.html
References
- https://git.kernel.org/stable/c/9c98ee7ea463a838235e7a0e35851b38476364f2
- https://git.kernel.org/stable/c/45a628911d3c68e024eed337054a0452b064f450
- https://git.kernel.org/stable/c/3f45d590ccbae6dfd6faef54efe74c30bd85d3da
- https://git.kernel.org/stable/c/64d63557ded6ff3ce72b18ab87a6c4b1b652161c
- https://git.kernel.org/stable/c/3eb986c64c6bfb721950f9666a3b723cf65d043f
- https://git.kernel.org/stable/c/9480c3045f302f43f9910d2d556d6cf5a62c1822
- https://git.kernel.org/stable/c/07a6e3b78a65f4b2796a8d0d4adb1a15a81edead
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.