PT-2024-7562 · Linux+8 · Linux Kernel+8
Published
2024-06-14
·
Updated
2026-01-12
·
CVE-2024-41071
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to the wifi mac80211 module in the Linux kernel, where address calculations via out of bounds array indexing can occur. This is due to the
req->n channels not being set before using req->channels[]. The vulnerability can potentially impact the confidentiality, integrity, and availability of protected information. The ieee80211 prep hw scan() function is involved in the issue, and the problem is triggered by the nl80211 trigger scan() function.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Improper Validation of Array Index
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Almalinux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu