PT-2024-26789 · Linux+10 · Linux Kernel+10

Published

2024-02-26

·

Updated

2026-04-20

·

CVE-2024-35937

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the wifi: cfg80211 component in the Linux kernel, where the A-MSDU format is not checked carefully enough. If it appears that there is another subframe in the A-MSDU but the header is not fully present, the system can end up reading data out of bounds, only to discard it later. The fix involves making the check more careful to ensure the subframe header can be present.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2024:5101
ALSA-2024:5102
ALSA-2024:5363
ALSA-2025_16880
AZL-57805
BDU:2025-08086
CESA-2024_5101
CESA-2024_5102
CVE-2024-35937
DLA-4008-1
DSA-5782-1
INFSA-2024_5101
INFSA-2024_5102
INFSA-2024_5363
OESA-2024-1736
OESA-2024-1737
OESA-2024-1738
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4376-1
RHSA-2024:4740
RHSA-2024:5101
RHSA-2024:5102
RHSA-2024:5363
RHSA-2024:5364
RHSA-2024:5365
RHSA-2024_5101
RHSA-2024_5102
RHSA-2024_5363
RLSA-2024:5101
RLSA-2024:5102
RLSA-2024:5363
RXSA-2024:5101
SUSE-SU-2024:2135-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2024:4038-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4367-1
SUSE-SU-2024:4376-1
SUSE-SU-2025:0035-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1
USN-6893-1
USN-6893-2
USN-6893-3
USN-6918-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu