Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2024-26682

HistoryApr 02, 2024 - 7:15 a.m.

CVE-2024-26682

2024-04-0207:15:44

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

wifi

vulnerability

resolved

ecsa element

probe response

cfg80211

channel switching

quiet mode

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.6%

JSON

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: improve CSA/ECSA connection refusal

As mentioned in the previous commit, we pretty quickly found
that some APs have ECSA elements stuck in their probe response,
so using that to not attempt to connect while CSA is happening
we never connect to such an AP.

Improve this situation by checking more carefully and ignoring
the ECSA if cfg80211 has previously detected the ECSA element
being stuck in the probe response.

Additionally, allow connecting to an AP that’s switching to a
channel it’s already using, unless it’s using quiet mode. In
this case, we may just have to adjust bandwidth later. If it’s
actually switching channels, it’s better not to try to connect
in the middle of that.

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

References

git.kernel.org/stable/c/35e2385dbe787936c793d70755a5177d267a40aa

git.kernel.org/stable/c/ea88bde8e3fefbe4268f6991375dd629895a090a