Coldolt

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions <= 6.7.4 **Description** The issue is related to the wifi mac80211 component in the Linux kernel, where some access points (APs) have ECSA elements stuck in their probe response. This causes the kernel to not attempt to connect while CSA is happening, resulting in a failure to connect to such APs. The situation is improved by checking more carefully and ignoring the ECSA if cfg80211 has previously detected the ECSA element being stuck in the probe response. Additionally, connecting to an AP that's switching to a channel it's already using is allowed, unless it's using quiet mode. **Recommendations** To resolve the issue, upgrade the Linux kernel to a version higher than 6.7.4. As a temporary workaround, consider restricting access to APs with stuck ECSA elements in their probe response until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the Linux kernel's wifi functionality, specifically with the cfg80211 module. A problem was introduced when validation was added to prevent connections to an Access Point (AP) that is currently in a channel switch process. This caused new connection failures because some APs, like the Asus RT-AC53 with firmware 3.0.0.4.380 10760-g21a5898, permanently advertise an extended channel switch announcement. The kernel now attempts to detect such situations to handle them appropriately. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.