In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req->n_channels must be set before req->channels[] can be used. This patch fixes one of the issues encountered in [1]. [ 83.964255] UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:364:4 [ 83.964258] index 0 is out of range for type 'struct ieee80211_channel *[]' [...] [ 83.964264] Call Trace: [ 83.964267] <TASK> [ 83.964269] dump_stack_lvl+0x3f/0xc0 [ 83.964274] __ubsan_handle_out_of_bounds+0xec/0x110 [ 83.964278] ieee80211_prep_hw_scan+0x2db/0x4b0 [ 83.964281] __ieee80211_start_scan+0x601/0x990 [ 83.964291] nl80211_trigger_scan+0x874/0x980 [ 83.964295] genl_family_rcv_msg_doit+0xe8/0x160 [ 83.964298] genl_rcv_msg+0x240/0x270 [...] [1] https://bugzilla.kernel.org/show_bug.cgi?id=218810
History

Thu, 17 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 17 Oct 2024 14:00:00 +0000


Tue, 01 Oct 2024 14:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:rhel_e4s:9.0
cpe:/o:redhat:rhel_eus:9.2

Thu, 26 Sep 2024 23:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:rhel_els:6

Tue, 24 Sep 2024 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Els
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/a:redhat:rhel_eus:9.2
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
cpe:/o:redhat:rhel_aus:8.6
cpe:/o:redhat:rhel_e4s:8.6
cpe:/o:redhat:rhel_els:7
cpe:/o:redhat:rhel_eus:8.8
cpe:/o:redhat:rhel_tus:8.6
Vendors & Products Redhat rhel Els

Tue, 24 Sep 2024 06:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Eus
Redhat rhel Extras Rt Els
Redhat rhel Tus
CPEs cpe:/a:redhat:enterprise_linux:8::nfv
cpe:/a:redhat:rhel_e4s:9.0
cpe:/a:redhat:rhel_e4s:9.0::nfv
cpe:/a:redhat:rhel_eus:9.2::nfv
cpe:/a:redhat:rhel_extras_rt_els:7
cpe:/a:redhat:rhel_tus:8.4::nfv
cpe:/o:redhat:rhel_aus:7.7
cpe:/o:redhat:rhel_aus:8.2
cpe:/o:redhat:rhel_aus:8.4
cpe:/o:redhat:rhel_e4s:8.4
cpe:/o:redhat:rhel_tus:8.4
Vendors & Products Redhat
Redhat enterprise Linux
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Eus
Redhat rhel Extras Rt Els
Redhat rhel Tus

Tue, 17 Sep 2024 02:30:00 +0000

Type Values Removed Values Added
Metrics threat_severity

Moderate

threat_severity

Important


Wed, 11 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 11 Sep 2024 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 06 Sep 2024 13:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787
Metrics threat_severity

Low

threat_severity

Moderate


Mon, 26 Aug 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses CWE-129
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-29T14:57:31.623Z

Updated: 2024-12-19T09:11:21.234Z

Reserved: 2024-07-12T12:17:45.631Z

Link: CVE-2024-41071

cve-icon Vulnrichment

Updated: 2024-08-02T04:46:52.334Z

cve-icon NVD

Status : Modified

Published: 2024-07-29T15:15:14.863

Modified: 2024-11-21T09:32:11.200

Link: CVE-2024-41071

cve-icon Redhat

Severity : Important

Publid Date: 2024-07-29T00:00:00Z

Links: CVE-2024-41071 - Bugzilla