CVE-2024-43881

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the wifi: ath12k module in the Linux kernel, where the DMA direction is not correctly set when mapping reinjected packets. For fragmented packets, the ath12k module reassembles each fragment as a normal packet and then reinjects it into the HW ring. However, the DMA direction should be set to DMA TO DEVICE, not DMA FROM DEVICE. Otherwise, an invalid payload may be reinjected into the HW and subsequently delivered to the host. This can lead to a risk of private information being leaked, as arbitrary memory can be allocated to the skb buffer and knowledge about the data contained in the reinjected buffer is lacking.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.