CVE-2024-46825

MEDIUM5.5

wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check

Published Sep 27, 2024

Modified 1 weeks ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check

The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is normally called with input from the firmware, so it should use IWL_FW_CHECK() instead of WARN_ON().

References

WEBhttps://git.kernel.org/stable/c/3cca098c91391b3fa48142bfda57048b985c87f6 WEBhttps://git.kernel.org/stable/c/415f3634d53c7fb4cf07d2f5a0be7f2e15e6da33 WEBhttps://git.kernel.org/stable/c/9215152677d4b321801a92b06f6d5248b2b4465f ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-46825

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedSep 27, 2024

ModifiedJan 5, 2026