CVE-2024-53055

MEDIUM EPSS 17.2%
Published Nov 19, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Nov 19, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8, which can never reach the number found when that's bigger than 255, and is stored in a u32 variable. Also move it into the loops to have a smaller scope. Using a u32 there is fine, we limit the number of APs in the scan list and each has a limit on the number of RNR entries due to the frame size. With a limit of 1000 scan results, a frame size upper bound of 4096 (really it's more like ~2300) and a TBTT entry size of at least 11, we get an upper bound for the number of ~372k, well in the bounds of a u32.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
17.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-835

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥5.11  –  <5.15.171
linuxlinux_kernel*≥5.16  –  <6.1.116
linuxlinux_kernel*≥6.2  –  <6.6.60
linuxlinux_kernel*≥6.7  –  <6.11.7
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any

References 6

  • git.kernel.org https://git.kernel.org/stable/c/2ac15e5a8f42fed5d90ed9e1197600913678c50f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ccd5badadab2d586e91546bf5af3deda07fef1f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7245012f0f496162dd95d888ed2ceb5a35170f1a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cde8a7eb5c6762264ff0f4433358e0a0d250c875
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc621e7a043de346c33bd7ae7e2e0c651d6152ef
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2ac15e5a8f42fed5d90ed9e1197600913678c50f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ccd5badadab2d586e91546bf5af3deda07fef1f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7245012f0f496162dd95d888ed2ceb5a35170f1a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cde8a7eb5c6762264ff0f4433358e0a0d250c875
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc621e7a043de346c33bd7ae7e2e0c651d6152ef
    Patch