cve/published/2024/CVE-2024-58014.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-1.2.0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@kernel.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()

 In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN()
 instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.
 Compile tested only.

 Found by Linux Verification Center (linuxtesting.org) with SVACE.

 The Linux kernel CVE team has assigned CVE-2024-58014 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 5.4.291 with commit 0a457223cb2b9ca46bae7de387d0f4c093b0220d
 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 5.10.235 with commit 13ef16c4fe384b1e70277bbe1d87934ee6c81e12
 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 5.15.179 with commit d280a12e9b87819a8a209639d600b48a2d6d65dc
 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.1.129 with commit ada9df08b3ef683507e75b92f522fb659260147f
 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.6.78 with commit 093286c33409bf38896f2dab0c0bb6ca388afb33
 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.12.14 with commit c27ce584d274f6ad3cba2294497de824a3c66646
 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.13.3 with commit 6f6e293246dc1f5b2b6b3d0f2d757598489cda79
 	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.14 with commit 3f4a0948c3524ae50f166dbc6572a3296b014e62

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-58014
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/0a457223cb2b9ca46bae7de387d0f4c093b0220d
 	https://git.kernel.org/stable/c/13ef16c4fe384b1e70277bbe1d87934ee6c81e12
 	https://git.kernel.org/stable/c/d280a12e9b87819a8a209639d600b48a2d6d65dc
 	https://git.kernel.org/stable/c/ada9df08b3ef683507e75b92f522fb659260147f
 	https://git.kernel.org/stable/c/093286c33409bf38896f2dab0c0bb6ca388afb33
 	https://git.kernel.org/stable/c/c27ce584d274f6ad3cba2294497de824a3c66646
 	https://git.kernel.org/stable/c/6f6e293246dc1f5b2b6b3d0f2d757598489cda79
 	https://git.kernel.org/stable/c/3f4a0948c3524ae50f166dbc6572a3296b014e62
	From bippy-1.2.0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@kernel.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()

	In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN()
	instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.
	Compile tested only.

	Found by Linux Verification Center (linuxtesting.org) with SVACE.

	The Linux kernel CVE team has assigned CVE-2024-58014 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 5.4.291 with commit 0a457223cb2b9ca46bae7de387d0f4c093b0220d
	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 5.10.235 with commit 13ef16c4fe384b1e70277bbe1d87934ee6c81e12
	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 5.15.179 with commit d280a12e9b87819a8a209639d600b48a2d6d65dc
	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.1.129 with commit ada9df08b3ef683507e75b92f522fb659260147f
	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.6.78 with commit 093286c33409bf38896f2dab0c0bb6ca388afb33
	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.12.14 with commit c27ce584d274f6ad3cba2294497de824a3c66646
	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.13.3 with commit 6f6e293246dc1f5b2b6b3d0f2d757598489cda79
	Issue introduced in 3.2 with commit 5b435de0d786869c95d1962121af0d7df2542009 and fixed in 6.14 with commit 3f4a0948c3524ae50f166dbc6572a3296b014e62

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-58014
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/0a457223cb2b9ca46bae7de387d0f4c093b0220d
	https://git.kernel.org/stable/c/13ef16c4fe384b1e70277bbe1d87934ee6c81e12
	https://git.kernel.org/stable/c/d280a12e9b87819a8a209639d600b48a2d6d65dc
	https://git.kernel.org/stable/c/ada9df08b3ef683507e75b92f522fb659260147f
	https://git.kernel.org/stable/c/093286c33409bf38896f2dab0c0bb6ca388afb33
	https://git.kernel.org/stable/c/c27ce584d274f6ad3cba2294497de824a3c66646
	https://git.kernel.org/stable/c/6f6e293246dc1f5b2b6b3d0f2d757598489cda79
	https://git.kernel.org/stable/c/3f4a0948c3524ae50f166dbc6572a3296b014e62