Description

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more careful and check if the subframe header can even be present.

INFO

Published Date :

2024-05-19T10:10:43.615Z

Last Modified :

2025-11-03T21:55:02.670Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-35937 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Rhel Eus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-35937.

URL Resource
https://git.kernel.org/stable/c/16da1e1dac23be45ef6e23c41b1508c400e6c544 cve-icon cve-icon
https://git.kernel.org/stable/c/5d7a8585fbb31e88fb2a0f581b70667d3300d1e9 cve-icon cve-icon
https://git.kernel.org/stable/c/9ad7974856926129f190ffbe3beea78460b3b7cc cve-icon cve-icon
https://git.kernel.org/stable/c/9eb3bc0973d084423a6df21cf2c74692ff05647e cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35937-0415@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-35937 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-35937 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact