CVE-2024-58015

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: Fix for out-of bound access error

Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error. Decreasing buffer size by one fixes faulty upper bound of passed array.

Discovered in coverity scan, CID 1600742 and CID 1600758

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd889913205cf7ebda905b1e62c5867ed4e39f6c2 < 8700c4bf8b7ed98037d2acf1eaf770ad6dd431d4affected
LinuxLinuxd889913205cf7ebda905b1e62c5867ed4e39f6c2 < eb8c0534713865d190856f10bfc97cf0b88475b1affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.13.3 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

References