PT-2024-21460 · Linux+1 · Linux Kernel+1
Coldolt · Published 2024-04-02 · Updated 2025-02-03 · CVE-2024-26682
CVSS v3.1
5.5 Medium
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions <= 6.7.4
Description
The issue is in the Wi-Fi mac80211 component of the Linux kernel. Some access points (APs) have Extended Channel Switch Announcement (ECSA) elements stuck in their probe response. Because the kernel does not attempt to connect while a channel switch announcement (CSA) is in progress, it fails to connect to such APs. The fix improves the situation by checking more carefully and ignoring the ECSA if cfg80211 has previously detected the ECSA element being stuck in the probe response. Additionally, connecting to an AP that is switching to a channel it is already using is allowed, unless it is using quiet mode.
Recommendations
To resolve the issue, upgrade the Linux kernel to a version higher than 6.7.4.
As a temporary workaround, consider restricting access to APs with stuck ECSA elements in their probe response until a patch is available.
Weakness Enumeration
Improper Resource Release
Affected Products
Linux Kernel
Suse