ghsa-g68j-9rxj-c36w
Vulnerability from github
Published
2024-06-19 15:30
Modified
2024-10-31 15:30
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

mac80211: track only QoS data frames for admission control

For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header.

Syzbot reported (see below) an uninitialized value here due to a status of a non-QoS nullfunc packet, which isn't even long enough to contain the QoS header.

Fix this to only do anything for QoS data packets.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2021-47602"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-19T15:15:54Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: track only QoS data frames for admission control\n\nFor admission control, obviously all of that only works for\nQoS data frames, otherwise we cannot even access the QoS\nfield in the header.\n\nSyzbot reported (see below) an uninitialized value here due\nto a status of a non-QoS nullfunc packet, which isn\u0027t even\nlong enough to contain the QoS header.\n\nFix this to only do anything for QoS data packets.",
  "id": "GHSA-g68j-9rxj-c36w",
  "modified": "2024-10-31T15:30:58Z",
  "published": "2024-06-19T15:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47602"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/42d08e97b196479f593499e887a9ab81446a34b9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/46b9e29db2012a4d2a40a26101862e002ccf387b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/69f054d6642c8f6173724ce17e7ee3ff66b8f682"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d5e568c3a4ec2ddd23e7dc5ad5b0c64e4f22981a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/eed897a22230e3231a740eddd7d6d95ba476625f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.