{"vulnerability": "CVE-2024-56663", "sightings": [{"uuid": "3a93fcf0-6f4a-4527-ac13-2eaeb615d449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56663", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2d624322", "content": "", "creation_timestamp": "2024-12-27T15:20:38.729221Z"}, {"uuid": "61fdfd24-b2ea-4625-b30c-0b26fe7033f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56663", "type": "seen", "source": "https://t.me/cvedetector/13776", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56663 - \"WiFi: Linux Kernel NL80211 Attr Validation Off-By-One Buffer Overflow\"\", \n  \"Content\": \"CVE ID : CVE-2024-56663 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nwifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one  \n  \nSince the netlink attribute range validation provides inclusive  \nchecking, the *max* of attribute NL80211_ATTR_MLO_LINK_ID should be  \nIEEE80211_MLD_MAX_NUM_LINKS - 1 otherwise causing an off-by-one.  \n  \nOne crash stack for demonstration:  \n==================================================================  \nBUG: KASAN: wild-memory-access in ieee80211_tx_control_port+0x3b6/0xca0 net/mac80211/tx.c:5939  \nRead of size 6 at addr 001102080000000c by task fuzzer.386/9508  \n  \nCPU: 1 PID: 9508 Comm: syz.1.386 Not tainted 6.1.70 #2  \nCall Trace:  \n   \n __dump_stack lib/dump_stack.c:88 [inline]  \n dump_stack_lvl+0x177/0x231 lib/dump_stack.c:106  \n print_report+0xe0/0x750 mm/kasan/report.c:398  \n kasan_report+0x139/0x170 mm/kasan/report.c:495  \n kasan_check_range+0x287/0x290 mm/kasan/generic.c:189  \n memcpy+0x25/0x60 mm/kasan/shadow.c:65  \n ieee80211_tx_control_port+0x3b6/0xca0 net/mac80211/tx.c:5939  \n rdev_tx_control_port net/wireless/rdev-ops.h:761 [inline]  \n nl80211_tx_control_port+0x7b3/0xc40 net/wireless/nl80211.c:15453  \n genl_family_rcv_msg_doit+0x22e/0x320 net/netlink/genetlink.c:756  \n genl_family_rcv_msg net/netlink/genetlink.c:833 [inline]  \n genl_rcv_msg+0x539/0x740 net/netlink/genetlink.c:850  \n netlink_rcv_skb+0x1de/0x420 net/netlink/af_netlink.c:2508  \n genl_rcv+0x24/0x40 net/netlink/genetlink.c:861  \n netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline]  \n netlink_unicast+0x74b/0x8c0 net/netlink/af_netlink.c:1352  \n netlink_sendmsg+0x882/0xb90 net/netlink/af_netlink.c:1874  \n sock_sendmsg_nosec net/socket.c:716 [inline]  \n __sock_sendmsg net/socket.c:728 [inline]  \n ____sys_sendmsg+0x5cc/0x8f0 net/socket.c:2499  \n ___sys_sendmsg+0x21c/0x290 net/socket.c:2553  \n __sys_sendmsg net/socket.c:2582 [inline]  \n __do_sys_sendmsg net/socket.c:2591 [inline]  \n __se_sys_sendmsg+0x19e/0x270 net/socket.c:2589  \n do_syscall_x64 arch/x86/entry/common.c:51 [inline]  \n do_syscall_64+0x45/0x90 arch/x86/entry/common.c:81  \n entry_SYSCALL_64_after_hwframe+0x63/0xcd  \n  \nUpdate the policy to ensure correct validation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:11.000000Z"}]}