CVE-2024-27056: wifi: iwlwifi: mvm: ensure offloading TID queue exists
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: ensure offloading TID queue exists
The Linux kernel CVE team has assigned CVE-2024-27056 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27056-98c0@gregkh/T
Other sources
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: ensure offloading TID queue exists
The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated by the firmware.
In the unusual event that no packets have been send on TID 0, the queue will not have been allocated and this causes a crash. Fix this by ensuring the queue exist at suspend time.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2024-27056?
CVE-2024-27056 has been classified as a moderate severity vulnerability in the Linux kernel.
What causes CVE-2024-27056?
CVE-2024-27056 results from the lack of proper offloading for TID queues in the iwlwifi driver.
How do I fix CVE-2024-27056?
To fix CVE-2024-27056, upgrade your kernel to version 6.8 or later, or to the specified versions of the IBM Security Verify Governance products.
Which products are affected by CVE-2024-27056?
CVE-2024-27056 affects the Red Hat kernel versions up to 6.7.11 and 6.8, as well as IBM Security Verify Governance versions up to 10.0.2.
Is there a workaround for CVE-2024-27056?
There is no known workaround for CVE-2024-27056; upgrading is the recommended mitigation method.