CVE-2024-26666

Опубликовано: 02 апр. 2024

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix RCU use in TDLS fast-xmit This looks up the link under RCU protection, but isn't guaranteed to actually have protection. Fix that.

A flaw was found in the Linux kernel’s mac80211 subsystem, which handles wireless networking. The issue arises from improper handling of Read-Copy-Update (RCU) in the Tunneled Direct Link Setup (TDLS) fast-xmit function. This flaw can result in using unprotected data structures during execution, leading to potential system instability or exploitation.

Отчет

The vulnerability affects certain Linux kernel versions and has been fixed by assuring that the necessary protections are applied during the lookup of wireless links in TDLS.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Under investigation
Red Hat Enterprise Linux 9	kernel-rt	Under investigation

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2272773kernel: wifi: mac80211: fix RCU use in TDLS fast-xmit

EPSS

Процентиль: 1%

0.00013

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2024-26666

CVSS3: 7.8

ubuntu

около 1 года назад

CVE-2024-26666

CVSS3: 7.8

nvd

около 1 года назад

CVE-2024-26666

CVSS3: 7.8

debian

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: w ...

GHSA-vw56-6j9w-9rvx

CVSS3: 7.8

github

около 1 года назад

ROS-20241015-13

CVSS3: 7.8

redos

8 месяцев назад

Множественные уязвимости kernel-lt

EPSS

Процентиль: 1%

0.00013

Низкий

5.5 Medium

CVSS3