PT-2024-7704 · Linux+5 · Linux Kernel+5

Published: 2024-01-10 · Updated: 2024-11-04 · CVE-2023-52644

CVSS v3.1: 6.3 (Medium)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.8.1 (b43 component)

Description

The vulnerability is related to the b43 component in the Linux kernel. It is caused by an incorrect mapping of the queue priority value to the correct ieee80211 queue when QoS is disabled, resulting in the stop/wake of a non-existent queue. This can lead to a denial-of-service (DoS) condition. The issue is resolved by stopping/waking queue 0 when QoS is disabled.

Recommendations

To resolve the issue, upgrade the Linux kernel to version 6.8.1 or later. If an upgrade is not possible, consider disabling the b43 component or applying a patch to fix the issue. Additionally, monitor systems for suspicious activity on the local network and audit systems using affected versions.

Exploit

Fix

Infinite Loop


Weakness Enumeration

Related Identifiers

BDU:2024-09162
CVE-2023-52644
DLA-3840-1
DLA-3842-1
DSA-5681-1
OESA-2024-1617
OESA-2024-1618
OESA-2024-1622
OESA-2024-1647
OESA-2024-1648
OESA-2024-1649
SUSE-SU-2024:1643-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1870-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2190-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6871-1
USN-6878-1
USN-6892-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6919-1
USN-6972-1
USN-6972-2
USN-6972-3
USN-6972-4
USN-6976-1

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu