CVE-2024-35938

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc3-1.gae4495f-default

Description The issue is related to the wifi: ath11k component in the Linux kernel, where the buf len field of ath11k mhi config qca6390 is assigned a value of 0, causing MHI to use a default size of 64KB to allocate channel buffers. This can lead to page allocation failures in scenarios where system memory is highly fragmented and memory compaction or reclaim is not allowed. The largest packet size for QMI target -> host communication is less than 6KB for WCN6855 and QCA6390. To mitigate this, the buf len field is changed to 8KB, resulting in order 1 allocation if the page size is 4KB, which can save memory and decrease the possibility of allocation failure.

Recommendations For Linux kernel versions prior to 6.8.0-rc3-1.gae4495f-default, update the kernel to a version that includes the fix for the wifi: ath11k component, where the buf len field of ath11k mhi config qca6390 is changed to 8KB. As a temporary workaround, consider restricting the use of the vulnerable component to minimize the risk of exploitation.