CVE-2024-26779: wifi: mac80211: fix race condition on enabling fast-xmit
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix race condition on enabling fast-xmit
fast-xmit must only be enabled after the sta has been uploaded to the driver, otherwise it could end up passing the not-yet-uploaded sta via drvtx calls to the driver, leading to potential crashes because of uninitialized drvpriv data. Add a missing sta->uploaded check and re-check fast xmit after inserting a sta.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix race condition on enabling fast-xmit
The Linux kernel CVE team has assigned CVE-2024-26779 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024040310-CVE-2024-26779-8030@gregkh/T
— Red Hat
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2024-26779?
CVE-2024-26779 is considered to be of medium severity due to the potential impact of a race condition in the Linux kernel's wifi mac80211 module.
How do I fix CVE-2024-26779?
To fix CVE-2024-26779, upgrade to the latest kernel versions provided by your distribution that includes the patch for this vulnerability.
What versions of the Linux kernel are affected by CVE-2024-26779?
CVE-2024-26779 affects various versions of the Linux kernel up to 6.8, specifically versions 4.19.308, 5.4.270, 5.10.211, 5.15.150, 6.1.80, 6.6.19, 6.7.7, and 6.12.11.
When was CVE-2024-26779 resolved?
CVE-2024-26779 was resolved in recent updates released in 2024.
What components are involved in CVE-2024-26779?
CVE-2024-26779 involves a race condition in the mac80211 module used for managing Wi-Fi within the Linux kernel.