CVE-2024-53059
wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
1. The size of the response packet is not validated.
2. The response buffer is not freed.
Resolve these issues by switching to iwl_mvm_send_cmd_status(),
which handles both size validation and frees the buffer.
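The two defects listed in the commit message, modelled in userspace C as an added example (this is not the driver's code). `resp_pkt`, `fake_fw_response`, `free_resp`, `read_status` and `outstanding_responses` are hypothetical names, and the exact-size check is an assumption of this model.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical userspace model of a firmware response packet. */
struct resp_pkt {
    size_t payload_len;   /* bytes the firmware actually returned */
    uint8_t data[];       /* payload */
};

static int live_pkts;     /* outstanding response buffers, for leak checks */

/* Constructed stand-in for the firmware producing a response. */
struct resp_pkt *fake_fw_response(const void *payload, size_t len)
{
    struct resp_pkt *pkt = malloc(sizeof(*pkt) + len);
    if (!pkt)
        return NULL;
    pkt->payload_len = len;
    if (len)
        memcpy(pkt->data, payload, len);
    live_pkts++;
    return pkt;
}

static void free_resp(struct resp_pkt *pkt)
{
    free(pkt);
    live_pkts--;
}

/* Read a 32-bit status: validate the payload size before touching it and
 * release the buffer on every path. Returns 0 on success, -1 if malformed. */
int read_status(struct resp_pkt *pkt, uint32_t *status)
{
    int ret = -1;

    if (!pkt)
        return -1;
    if (pkt->payload_len == sizeof(*status)) {  /* defect 1: size check */
        memcpy(status, pkt->data, sizeof(*status));
        ret = 0;
    }
    free_resp(pkt);                             /* defect 2: always freed */
    return ret;
}

int outstanding_responses(void) { return live_pkts; }
```

A caller that dereferences `pkt->data` as a 32-bit value without the size check reads past a short payload, and one that returns without `free_resp()` leaks a buffer per command.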
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Linux · Linux
References
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
https://cert-portal.siemens.com/productcert/html/ssa-355557.html
https://git.kernel.org/stable/c/07a6e3b78a65f4b2796a8d0d4adb1a15a81edead
https://git.kernel.org/stable/c/3eb986c64c6bfb721950f9666a3b723cf65d043f
https://git.kernel.org/stable/c/3f45d590ccbae6dfd6faef54efe74c30bd85d3da
https://git.kernel.org/stable/c/45a628911d3c68e024eed337054a0452b064f450
https://git.kernel.org/stable/c/64d63557ded6ff3ce72b18ab87a6c4b1b652161c
https://git.kernel.org/stable/c/9480c3045f302f43f9910d2d556d6cf5a62c1822
https://git.kernel.org/stable/c/9c98ee7ea463a838235e7a0e35851b38476364f2
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html