CVE-2024-47713

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
21/10/2024
Last modified:
03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()<br /> <br /> Since &amp;#39;__dev_queue_xmit()&amp;#39; should be called with interrupts enabled,<br /> the following backtrace:<br /> <br /> ieee80211_do_stop()<br /> ...<br /> spin_lock_irqsave(&amp;local-&gt;queue_stop_reason_lock, flags)<br /> ...<br /> ieee80211_free_txskb()<br /> ieee80211_report_used_skb()<br /> ieee80211_report_ack_skb()<br /> cfg80211_mgmt_tx_status_ext()<br /> nl80211_frame_tx_status()<br /> genlmsg_multicast_netns()<br /> genlmsg_multicast_netns_filtered()<br /> nlmsg_multicast_filtered()<br /> netlink_broadcast_filtered()<br /> do_one_broadcast()<br /> netlink_broadcast_deliver()<br /> __netlink_sendskb()<br /> netlink_deliver_tap()<br /> __netlink_deliver_tap_skb()<br /> dev_queue_xmit()<br /> __dev_queue_xmit() ; with IRQS disabled<br /> ...<br /> spin_unlock_irqrestore(&amp;local-&gt;queue_stop_reason_lock, flags)<br /> <br /> issues the warning (as reported by syzbot reproducer):<br /> <br /> WARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120<br /> <br /> Fix this by implementing a two-phase skb reclamation in<br /> &amp;#39;ieee80211_do_stop()&amp;#39;, where actual work is performed<br /> outside of a section with interrupts disabled.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 2.6.32 (including) 5.10.227 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 (including) 5.15.168 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (including) 6.1.113 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.6.54 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.10.13 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.11 (including) 6.11.2 (excluding)