CVE-2024-26683
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 02/04/2024
Last modified: 17/03/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: detect stuck ECSA element in probe resp

We recently added some validation that we don't try to connect to an AP that is currently in a channel switch process, since that might want the channel to be quiet or we might not be able to connect in time to hear the switching in a beacon. This was in commit c09c4f31998b ("wifi: mac80211: don't connect to an AP while it's in a CSA process").

However, we promptly got a report that this caused new connection failures, and it turns out that the AP that we now cannot connect to is permanently advertising an extended channel switch announcement, even with quiet. The AP in question was an Asus RT-AC53, with firmware 3.0.0.4.380_10760-g21a5898.

As a first step, attempt to detect that we're dealing with such a situation, so mac80211 can use this later.
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.5 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:* | | |