| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024072909-CVE-2024-41072-86de@gregkh> Date: Mon, 29 Jul 2024 16:58:18 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-41072: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check Description =========== In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and reject invalid request with -EINVAL otherwise. The Linux kernel CVE team has assigned CVE-2024-41072 to this issue. Affected and fixed versions =========================== Fixed in 4.19.319 with commit b02ba9a0b55b Fixed in 5.4.281 with commit de5fcf757e33 Fixed in 5.10.223 with commit 6295bad58f98 Fixed in 5.15.164 with commit a43cc0558530 Fixed in 6.1.101 with commit 001120ff0c9e Fixed in 6.6.42 with commit fe9644efd867 Fixed in 6.9.11 with commit 35cee10ccaee Fixed in 6.10 with commit 6ef09cdc5ba0 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-41072 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: net/wireless/scan.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/b02ba9a0b55b762bd04743a22f3d9f9645005e79 https://git.kernel.org/stable/c/de5fcf757e33596eed32de170ce5a93fa44dd2ac https://git.kernel.org/stable/c/6295bad58f988eaafcf0e6f8b198a580398acb3b https://git.kernel.org/stable/c/a43cc0558530b6c065976b6b9246f512f8d3593b https://git.kernel.org/stable/c/001120ff0c9e3557dee9b5ee0d358e0fc189996f https://git.kernel.org/stable/c/fe9644efd86704afe50e56b64b609de340ab7c95 https://git.kernel.org/stable/c/35cee10ccaee5bd451a480521bbc25dc9f07fa5b https://git.kernel.org/stable/c/6ef09cdc5ba0f93826c09d810c141a8d103a80fc
Powered by blists - more mailing lists