github - ghsa-chmj-69q7-qhgf

ghsa-chmj-69q7-qhgf

Vulnerability from github

Published

2024-03-18 12:30

Modified

2024-03-18 12:30

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath11k: rely on mac80211 debugfs handling for vif

mac80211 started to delete debugfs entries in certain cases, causing a ath11k to crash when it tried to delete the entries later. Fix this by relying on mac80211 to delete the entries when appropriate and adding them from the vif_add_debugfs handler.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-26637"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-18T11:15:10Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: rely on mac80211 debugfs handling for vif\n\nmac80211 started to delete debugfs entries in certain cases, causing a\nath11k to crash when it tried to delete the entries later. Fix this by\nrelying on mac80211 to delete the entries when appropriate and adding\nthem from the vif_add_debugfs handler.",
  "id": "GHSA-chmj-69q7-qhgf",
  "modified": "2024-03-18T12:30:35Z",
  "published": "2024-03-18T12:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26637"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2024-26637

Vulnerability from cvelistv5

Published

2024-03-18 10:14

Modified

2024-11-05 09:13

Severity ?

Summary

wifi: ath11k: rely on mac80211 debugfs handling for vif

References

▼	URL	Tags
	https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274
	https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:07:19.812Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26637",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:55:06.774541Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:16.633Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/core.h",
            "drivers/net/wireless/ath/ath11k/debugfs.c",
            "drivers/net/wireless/ath/ath11k/debugfs.h",
            "drivers/net/wireless/ath/ath11k/mac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "aa74ce30a8a4",
              "status": "affected",
              "version": "0a3d898ee9a8",
              "versionType": "git"
            },
            {
              "lessThan": "556857aa1d08",
              "status": "affected",
              "version": "0a3d898ee9a8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/core.h",
            "drivers/net/wireless/ath/ath11k/debugfs.c",
            "drivers/net/wireless/ath/ath11k/debugfs.h",
            "drivers/net/wireless/ath/ath11k/mac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: rely on mac80211 debugfs handling for vif\n\nmac80211 started to delete debugfs entries in certain cases, causing a\nath11k to crash when it tried to delete the entries later. Fix this by\nrelying on mac80211 to delete the entries when appropriate and adding\nthem from the vif_add_debugfs handler."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:13:00.469Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274"
        },
        {
          "url": "https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc"
        }
      ],
      "title": "wifi: ath11k: rely on mac80211 debugfs handling for vif",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26637",
    "datePublished": "2024-03-18T10:14:48.378Z",
    "dateReserved": "2024-02-19T14:20:24.137Z",
    "dateUpdated": "2024-11-05T09:13:00.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted