Описание
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: fix gtk offload status event locking
The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section.
Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues.
Compile tested only.
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: fix gtk offload status event locking
The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section.
Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues.
Compile tested only.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-52777
- https://git.kernel.org/stable/c/0cf7577b6b3153b4b49deea9719fe43f96469c6d
- https://git.kernel.org/stable/c/1dea3c0720a146bd7193969f2847ccfed5be2221
- https://git.kernel.org/stable/c/cf9c7d783a2bf9305df4ef5b93d9063a52e18fca
- https://git.kernel.org/stable/c/e83246ecd3b193f8d91fce778e8a5ba747fc7d8a
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section. Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues. Compile tested only.
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section. Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues. Compile tested only.
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section. Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues. Compile tested only.
In the Linux kernel, the following vulnerability has been resolved: w ...
Уязвимость функции ath11k_wmi_gtk_offload_status_event() модуля drivers/net/wireless/ath/ath11k/wmi.c - драйвера поддержки адаптеров беспроводной связи Atheros/Qualcomm ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании