cve/published/2024/CVE-2024-43879.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-43879: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()

 Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in
 cfg80211_calculate_bitrate_he(), leading to below warning:

 kernel: invalid HE MCS: bw:6, ru:6
 kernel: WARNING: CPU: 0 PID: 2312 at net/wireless/util.c:1501 cfg80211_calculate_bitrate_he+0x22b/0x270 [cfg80211]

 Fix it by handling 2x996 RU allocation in the same way as 160 MHz bandwidth.

 The Linux kernel CVE team has assigned CVE-2024-43879 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 4.19.320 with commit 45d20a1c54be4f3173862c7b950d4468447814c9
 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 5.4.282 with commit b289ebb0516526cb4abae081b7ec29fd4fa1209d
 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 5.10.224 with commit 2e201b3d162c6c49417c438ffb30b58c9f85769f
 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 5.15.165 with commit 576c64622649f3ec07e97bac8fec8b8a2ef4d086
 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.1.103 with commit 16ad67e73309db0c20cc2a651992bd01c05e6b27
 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.6.44 with commit 67b5f1054197e4f5553047759c15c1d67d4c8142
 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.10.3 with commit 19eaf4f2f5a981f55a265242ada2bf92b0c742dd
 	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.11 with commit bcbd771cd5d68c0c52567556097d75f9fc4e7cd6

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-43879
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	net/wireless/util.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/45d20a1c54be4f3173862c7b950d4468447814c9
 	https://git.kernel.org/stable/c/b289ebb0516526cb4abae081b7ec29fd4fa1209d
 	https://git.kernel.org/stable/c/2e201b3d162c6c49417c438ffb30b58c9f85769f
 	https://git.kernel.org/stable/c/576c64622649f3ec07e97bac8fec8b8a2ef4d086
 	https://git.kernel.org/stable/c/16ad67e73309db0c20cc2a651992bd01c05e6b27
 	https://git.kernel.org/stable/c/67b5f1054197e4f5553047759c15c1d67d4c8142
 	https://git.kernel.org/stable/c/19eaf4f2f5a981f55a265242ada2bf92b0c742dd
 	https://git.kernel.org/stable/c/bcbd771cd5d68c0c52567556097d75f9fc4e7cd6
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-43879: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()

	Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in
	cfg80211_calculate_bitrate_he(), leading to below warning:

	kernel: invalid HE MCS: bw:6, ru:6
	kernel: WARNING: CPU: 0 PID: 2312 at net/wireless/util.c:1501 cfg80211_calculate_bitrate_he+0x22b/0x270 [cfg80211]

	Fix it by handling 2x996 RU allocation in the same way as 160 MHz bandwidth.

	The Linux kernel CVE team has assigned CVE-2024-43879 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 4.19.320 with commit 45d20a1c54be4f3173862c7b950d4468447814c9
	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 5.4.282 with commit b289ebb0516526cb4abae081b7ec29fd4fa1209d
	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 5.10.224 with commit 2e201b3d162c6c49417c438ffb30b58c9f85769f
	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 5.15.165 with commit 576c64622649f3ec07e97bac8fec8b8a2ef4d086
	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.1.103 with commit 16ad67e73309db0c20cc2a651992bd01c05e6b27
	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.6.44 with commit 67b5f1054197e4f5553047759c15c1d67d4c8142
	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.10.3 with commit 19eaf4f2f5a981f55a265242ada2bf92b0c742dd
	Issue introduced in 4.19 with commit c4cbaf7973a794839af080f13748335976cf3f3f and fixed in 6.11 with commit bcbd771cd5d68c0c52567556097d75f9fc4e7cd6

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-43879
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	net/wireless/util.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/45d20a1c54be4f3173862c7b950d4468447814c9
	https://git.kernel.org/stable/c/b289ebb0516526cb4abae081b7ec29fd4fa1209d
	https://git.kernel.org/stable/c/2e201b3d162c6c49417c438ffb30b58c9f85769f
	https://git.kernel.org/stable/c/576c64622649f3ec07e97bac8fec8b8a2ef4d086
	https://git.kernel.org/stable/c/16ad67e73309db0c20cc2a651992bd01c05e6b27
	https://git.kernel.org/stable/c/67b5f1054197e4f5553047759c15c1d67d4c8142
	https://git.kernel.org/stable/c/19eaf4f2f5a981f55a265242ada2bf92b0c742dd
	https://git.kernel.org/stable/c/bcbd771cd5d68c0c52567556097d75f9fc4e7cd6