PT-2024-30703 · Linux+5 · Linux Kernel+5

Published

2024-07-08

Updated

2025-09-29

CVE-2024-43841

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises when a user attempts to connect with a different SSID than the one virt wifi has advertised. The connection code in virt wifi does not check the SSID from user space, only checking the BSSID, and virt wifi will call cfg80211 connect result() with WLAN STATUS SUCCESS even if the SSID is different. This triggers a warning WARN ON(bss not found) because cfg80211 cannot find the cfg80211 bss. The problem is resolved by checking the SSID from user space in the connection code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-14046

AZL-51847

BDU:2025-01737

CVE-2024-43841

DLA-3912-1

DLA-4008-1

MGASA-2024-0309

MGASA-2024-0310

OESA-2024-2124

OESA-2024-2321

OESA-2024-2322

OESA-2024-2324

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3483-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-7088-1

USN-7088-2

USN-7088-3

USN-7088-4

USN-7088-5

USN-7100-1

USN-7100-2

USN-7119-1

USN-7123-1

USN-7144-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7194-1

USN-7196-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-30703 · Linux+5 · Linux Kernel+5

CVE-2024-43841

Weakness Enumeration

Related Identifiers

Affected Products

References · 2213