CVE-2024-26637 (GCVE-0-2024-26637)

Vulnerability from cvelistv5 – Published: 2024-03-18 10:14 – Updated: 2025-05-04 08:52
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: rely on mac80211 debugfs handling for vif mac80211 started to delete debugfs entries in certain cases, causing a ath11k to crash when it tried to delete the entries later. Fix this by relying on mac80211 to delete the entries when appropriate and adding them from the vif_add_debugfs handler.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 0a3d898ee9a8303d5b3982b97ef0703919c3ea76 , < aa74ce30a8a40d19a4256de4ae5322e71344a274 (git)
Affected: 0a3d898ee9a8303d5b3982b97ef0703919c3ea76 , < 556857aa1d0855aba02b1c63bc52b91ec63fc2cc (git)
Create a notification for this product.
    Linux Linux Affected: 6.7
Unaffected: 0 , < 6.7 (semver)
Unaffected: 6.7.3 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:07:19.812Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26637",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:55:06.774541Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:16.633Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/core.h",
            "drivers/net/wireless/ath/ath11k/debugfs.c",
            "drivers/net/wireless/ath/ath11k/debugfs.h",
            "drivers/net/wireless/ath/ath11k/mac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "aa74ce30a8a40d19a4256de4ae5322e71344a274",
              "status": "affected",
              "version": "0a3d898ee9a8303d5b3982b97ef0703919c3ea76",
              "versionType": "git"
            },
            {
              "lessThan": "556857aa1d0855aba02b1c63bc52b91ec63fc2cc",
              "status": "affected",
              "version": "0a3d898ee9a8303d5b3982b97ef0703919c3ea76",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/core.h",
            "drivers/net/wireless/ath/ath11k/debugfs.c",
            "drivers/net/wireless/ath/ath11k/debugfs.h",
            "drivers/net/wireless/ath/ath11k/mac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.3",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: rely on mac80211 debugfs handling for vif\n\nmac80211 started to delete debugfs entries in certain cases, causing a\nath11k to crash when it tried to delete the entries later. Fix this by\nrelying on mac80211 to delete the entries when appropriate and adding\nthem from the vif_add_debugfs handler."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:52:49.805Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274"
        },
        {
          "url": "https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc"
        }
      ],
      "title": "wifi: ath11k: rely on mac80211 debugfs handling for vif",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26637",
    "datePublished": "2024-03-18T10:14:48.378Z",
    "dateReserved": "2024-02-19T14:20:24.137Z",
    "dateUpdated": "2025-05-04T08:52:49.805Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nwifi: ath11k: rely on mac80211 debugfs handling for vif\\n\\nmac80211 started to delete debugfs entries in certain cases, causing a\\nath11k to crash when it tried to delete the entries later. Fix this by\\nrelying on mac80211 to delete the entries when appropriate and adding\\nthem from the vif_add_debugfs handler.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: wifi: ath11k: conf\\u00eda en el manejo de debugfs de mac80211 para vif mac80211 comenz\\u00f3 a eliminar entradas de debugfs en ciertos casos, lo que provoc\\u00f3 que ath11k fallara cuando intent\\u00f3 eliminar las entradas m\\u00e1s tarde. Solucione este problema confiando en mac80211 para eliminar las entradas cuando corresponda y agreg\\u00e1ndolas desde el controlador vif_add_debugfs.\"}]",
      "id": "CVE-2024-26637",
      "lastModified": "2024-11-21T09:02:44.403",
      "published": "2024-03-18T11:15:10.550",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26637\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-18T11:15:10.550\",\"lastModified\":\"2025-03-10T17:02:44.790\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nwifi: ath11k: rely on mac80211 debugfs handling for vif\\n\\nmac80211 started to delete debugfs entries in certain cases, causing a\\nath11k to crash when it tried to delete the entries later. Fix this by\\nrelying on mac80211 to delete the entries when appropriate and adding\\nthem from the vif_add_debugfs handler.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: ath11k: conf\u00eda en el manejo de debugfs de mac80211 para vif mac80211 comenz\u00f3 a eliminar entradas de debugfs en ciertos casos, lo que provoc\u00f3 que ath11k fallara cuando intent\u00f3 eliminar las entradas m\u00e1s tarde. Solucione este problema confiando en mac80211 para eliminar las entradas cuando corresponda y agreg\u00e1ndolas desde el controlador vif_add_debugfs.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.3\",\"matchCriteriaId\":\"58FD5308-148A-40D3-B36A-0CA6B434A8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F4EA73-0894-400F-A490-3A397AB7A517\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:07:19.812Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-26637\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T15:55:06.774541Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:15.879Z\"}}], \"cna\": {\"title\": \"wifi: ath11k: rely on mac80211 debugfs handling for vif\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"0a3d898ee9a8303d5b3982b97ef0703919c3ea76\", \"lessThan\": \"aa74ce30a8a40d19a4256de4ae5322e71344a274\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"0a3d898ee9a8303d5b3982b97ef0703919c3ea76\", \"lessThan\": \"556857aa1d0855aba02b1c63bc52b91ec63fc2cc\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/net/wireless/ath/ath11k/core.h\", \"drivers/net/wireless/ath/ath11k/debugfs.c\", \"drivers/net/wireless/ath/ath11k/debugfs.h\", \"drivers/net/wireless/ath/ath11k/mac.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.7\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.7.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/net/wireless/ath/ath11k/core.h\", \"drivers/net/wireless/ath/ath11k/debugfs.c\", \"drivers/net/wireless/ath/ath11k/debugfs.h\", \"drivers/net/wireless/ath/ath11k/mac.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274\"}, {\"url\": \"https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc\"}], \"x_generator\": {\"engine\": \"bippy-5f407fcff5a0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nwifi: ath11k: rely on mac80211 debugfs handling for vif\\n\\nmac80211 started to delete debugfs entries in certain cases, causing a\\nath11k to crash when it tried to delete the entries later. Fix this by\\nrelying on mac80211 to delete the entries when appropriate and adding\\nthem from the vif_add_debugfs handler.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-12-19T08:43:59.638Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-26637\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-19T08:43:59.638Z\", \"dateReserved\": \"2024-02-19T14:20:24.137Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-03-18T10:14:48.378Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.