Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'. This can lead to go beyond array boundaries in case of 'rate->he_gi' is not equal to 'status->he_gi' and is bigger than array size. Looks like "copy-paste" mistake. Fix this mistake by replacing 'rate->he_gi' with 'status->he_gi'. Found by Linux Verification Center (linuxtesting.org) with SVACE.

INFO

Published Date :

2024-08-17T09:21:57.172Z

Last Modified :

2025-11-03T22:05:38.428Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-43842 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-43842.

URL Resource
https://git.kernel.org/stable/c/7a0edc3d83aff3a48813d78c9cad9daf38decc74 cve-icon cve-icon
https://git.kernel.org/stable/c/85099c7ce4f9e64c66aa397cd9a37473637ab891 cve-icon cve-icon
https://git.kernel.org/stable/c/96ae4de5bc4c8ba39fd072369398f59495b73f58 cve-icon cve-icon
https://git.kernel.org/stable/c/a2a095c08b95372d6d0c5819b77f071af5e75366 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024081730-CVE-2024-43842-31e7@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-43842 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-43842 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact