PT-2024-32229 · Linux+4 · Linux Kernel+4

Published

2024-06-13

Updated

2026-05-26

CVE-2024-46827

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises when the access point receives an association request containing an Extended HE Capabilities Information Element with an invalid MCS-NSS, triggering a firmware crash. This occurs when EHT-PHY capabilities show support for a bandwidth and the MCS-NSS set for that particular bandwidth is filled with zeros, causing the driver to obtain a peer nss value of 0 and send it to the firmware, resulting in a crash. To address this, a validation step for the peer nss value is implemented before passing it to the firmware. If the value is greater than zero, it is forwarded to the firmware; otherwise, the association request is rejected to prevent potential firmware crashes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

AZL-53274

BDU:2025-05977

CVE-2024-46827

LSN-0117-1

OESA-2024-2219

OPENSUSE-SU-2024_3984-1

OPENSUSE-SU-2024_3986-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2024-32229 · Linux+4 · Linux Kernel+4

CVE-2024-46827

Weakness Enumeration

Related Identifiers

Affected Products

References · 1860