CVE-2024-41072

MEDIUM · EPSS 14.0%
Published Jul 29, 2024 (1y ago) · Modified Jun 17, 2026 (1w ago)
CVSS 3.1: 5.5 (Medium)

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: wext: add extra SIOCSIWSCAN data check

In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and reject invalid request with -EINVAL otherwise.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 14.0% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Affected Products 11

Vendor   Product        Version   Range
linux    linux_kernel   *         <4.19.319
linux    linux_kernel   *         ≥4.20 – <5.4.281
linux    linux_kernel   *         ≥5.5 – <5.10.223
linux    linux_kernel   *         ≥5.11 – <5.15.164
linux    linux_kernel   *         ≥5.16 – <6.1.101
linux    linux_kernel   *         ≥6.2 – <6.6.42
linux    linux_kernel   *         ≥6.7 – <6.9.11
linux    linux_kernel   6.10      any
linux    linux_kernel   6.10      any
linux    linux_kernel   6.10      any
linux    linux_kernel   6.10      any

References 9

  • https://git.kernel.org/stable/c/001120ff0c9e3557dee9b5ee0d358e0fc189996f (Patch)
  • https://git.kernel.org/stable/c/35cee10ccaee5bd451a480521bbc25dc9f07fa5b (Patch)
  • https://git.kernel.org/stable/c/6295bad58f988eaafcf0e6f8b198a580398acb3b (Patch)
  • https://git.kernel.org/stable/c/6ef09cdc5ba0f93826c09d810c141a8d103a80fc (Patch)
  • https://git.kernel.org/stable/c/a43cc0558530b6c065976b6b9246f512f8d3593b (Patch)
  • https://git.kernel.org/stable/c/b02ba9a0b55b762bd04743a22f3d9f9645005e79 (Patch)
  • https://git.kernel.org/stable/c/de5fcf757e33596eed32de170ce5a93fa44dd2ac (Patch)
  • https://git.kernel.org/stable/c/fe9644efd86704afe50e56b64b609de340ab7c95 (Patch)
  • https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • The eight git.kernel.org stable-tree commits marked Patch under References.