CVE-2024-47713

MEDIUM EPSS 17.1%
Published Oct 21, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 21, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts enabled, the following backtrace: ieee80211_do_stop() ... spin_lock_irqsave(&local->queue_stop_reason_lock, flags) ... ieee80211_free_txskb() ieee80211_report_used_skb() ieee80211_report_ack_skb() cfg80211_mgmt_tx_status_ext() nl80211_frame_tx_status() genlmsg_multicast_netns() genlmsg_multicast_netns_filtered() nlmsg_multicast_filtered() netlink_broadcast_filtered() do_one_broadcast() netlink_broadcast_deliver() __netlink_sendskb() netlink_deliver_tap() __netlink_deliver_tap_skb() dev_queue_xmit() __dev_queue_xmit() ; with IRQS disabled ... spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags) issues the warning (as reported by syzbot reproducer): WARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120 Fix this by implementing a two-phase skb reclamation in 'ieee80211_do_stop()', where actual work is performed outside of a section with interrupts disabled.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
17.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥2.6.32  –  <5.10.227
linuxlinux_kernel*≥5.11  –  <5.15.168
linuxlinux_kernel*≥5.16  –  <6.1.113
linuxlinux_kernel*≥6.2  –  <6.6.54
linuxlinux_kernel*≥6.7  –  <6.10.13
linuxlinux_kernel*≥6.11  –  <6.11.2

References 13

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-265688.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-355557.html
  • git.kernel.org https://git.kernel.org/stable/c/04f75f5bae33349283d6886901d9acd2f110c024
  • git.kernel.org https://git.kernel.org/stable/c/058c9026ad79dc98572442fd4c7e9a36aba6f596
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/07eb0bd7b0a8abed9d45e0f567c9af1dc83e5268
  • git.kernel.org https://git.kernel.org/stable/c/9d301de12da6e1bb069a9835c38359b8e8135121
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/acb53a716e492a02479345157c43f21edc8bc64b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad4b7068b101fbbb4a9ca4b99b25eb051a9482ec
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/db5ca4b42ccfa42d2af7b335ff12578e57775c02
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eab272972cffff9cd973b8e4055a8e81c64f7e6a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f232916fab67ca1c3425926df4a866e59ff26908
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/058c9026ad79dc98572442fd4c7e9a36aba6f596
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9d301de12da6e1bb069a9835c38359b8e8135121
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/acb53a716e492a02479345157c43f21edc8bc64b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad4b7068b101fbbb4a9ca4b99b25eb051a9482ec
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/db5ca4b42ccfa42d2af7b335ff12578e57775c02
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eab272972cffff9cd973b8e4055a8e81c64f7e6a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f232916fab67ca1c3425926df4a866e59ff26908
    Patch