CVE-2024-27391

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: wilc1000: do not realloc workqueue everytime an interface is added<br /> <br /> Commit 09ed8bfc5215 ("wilc1000: Rename workqueue from "WILC_wq" to<br /> "NETDEV-wq"") moved workqueue creation in wilc_netdev_ifc_init in order to<br /> set the interface name in the workqueue name. However, while the driver<br /> needs only one workqueue, the wilc_netdev_ifc_init is called each time we<br /> add an interface over a phy, which in turns overwrite the workqueue with a<br /> new one. This can be observed with the following commands:<br /> <br /> for i in $(seq 0 10)<br /> do<br /> iw phy phy0 interface add wlan1 type managed<br /> iw dev wlan1 del<br /> done<br /> ps -eo pid,comm|grep wlan<br /> <br /> 39 kworker/R-wlan0<br /> 98 kworker/R-wlan1<br /> 102 kworker/R-wlan1<br /> 105 kworker/R-wlan1<br /> 108 kworker/R-wlan1<br /> 111 kworker/R-wlan1<br /> 114 kworker/R-wlan1<br /> 117 kworker/R-wlan1<br /> 120 kworker/R-wlan1<br /> 123 kworker/R-wlan1<br /> 126 kworker/R-wlan1<br /> 129 kworker/R-wlan1<br /> <br /> Fix this leakage by putting back hif_workqueue allocation in<br /> wilc_cfg80211_init. Regarding the workqueue name, it is indeed relevant to<br /> set it lowercase, however it is not attached to a specific netdev, so<br /> enforcing netdev name in the name is not so relevant. Still, enrich the<br /> name with the wiphy name to make it clear which phy is using the workqueue.