Lucene search

K
cveLinuxCVE-2024-47672
HistoryOct 09, 2024 - 3:15 p.m.

CVE-2024-47672

2024-10-0915:15:15
Linux
web.nvd.nist.gov
27
linux kernel
cve-2024-47672
wifi
iwlwifi
mvm
firmware

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

5.1%

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: don’t wait for tx queues if firmware is dead

There is a WARNING in iwl_trans_wait_tx_queues_empty() (that was
recently converted from just a message), that can be hit if we
wait for TX queues to become empty after firmware died. Clearly,
we can’t expect anything from the firmware after it’s declared dead.

Don’t call iwl_trans_wait_tx_queues_empty() in this case. While it could
be a good idea to stop the flow earlier, the flush functions do some
maintenance work that is not related to the firmware, so keep that part
of the code running even when the firmware is not running.

[edit commit message]

Affected configurations

Nvd
Vulners
Node
linuxlinux_kernelRange5.10.2276.1.112
OR
linuxlinux_kernelRange6.26.6.53
OR
linuxlinux_kernelRange6.76.10.12
OR
linuxlinux_kernelMatch6.11rc1
OR
linuxlinux_kernelMatch6.11rc2
OR
linuxlinux_kernelMatch6.11rc3
OR
linuxlinux_kernelMatch6.11rc4
OR
linuxlinux_kernelMatch6.11rc5
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.11cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
linuxlinux_kernel6.11cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
linuxlinux_kernel6.11cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
linuxlinux_kernel6.11cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
linuxlinux_kernel6.11cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f4",
        "lessThan": "ad2fcc2daa20",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "16c1e5d5228f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "de46b1d24f5f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "1afed66cb271",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "1b0cd832c960",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "4d0a900ec470",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "7188b7a72320",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "3a84454f5204",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c"
    ],
    "versions": [
      {
        "version": "4.19.323",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.4.285",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.227",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.168",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.112",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.53",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.10.12",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

5.1%