Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts enabled, the following backtrace: ieee80211_do_stop() ... spin_lock_irqsave(&local->queue_stop_reason_lock, flags) ... ieee80211_free_txskb() ieee80211_report_used_skb() ieee80211_report_ack_skb() cfg80211_mgmt_tx_status_ext() nl80211_frame_tx_status() genlmsg_multicast_netns() genlmsg_multicast_netns_filtered() nlmsg_multicast_filtered() netlink_broadcast_filtered() do_one_broadcast() netlink_broadcast_deliver() __netlink_sendskb() netlink_deliver_tap() __netlink_deliver_tap_skb() dev_queue_xmit() __dev_queue_xmit() ; with IRQS disabled ... spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags) issues the warning (as reported by syzbot reproducer): WARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120 Fix this by implementing a two-phase skb reclamation in 'ieee80211_do_stop()', where actual work is performed outside of a section with interrupts disabled.

INFO

Published Date :

2024-10-21T11:53:45.433Z

Last Modified :

2025-11-03T22:21:17.686Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-47713 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-47713.

URL Resource
https://git.kernel.org/stable/c/04f75f5bae33349283d6886901d9acd2f110c024 cve-icon cve-icon
https://git.kernel.org/stable/c/058c9026ad79dc98572442fd4c7e9a36aba6f596 cve-icon cve-icon
https://git.kernel.org/stable/c/07eb0bd7b0a8abed9d45e0f567c9af1dc83e5268 cve-icon cve-icon
https://git.kernel.org/stable/c/9d301de12da6e1bb069a9835c38359b8e8135121 cve-icon cve-icon
https://git.kernel.org/stable/c/acb53a716e492a02479345157c43f21edc8bc64b cve-icon cve-icon
https://git.kernel.org/stable/c/ad4b7068b101fbbb4a9ca4b99b25eb051a9482ec cve-icon cve-icon
https://git.kernel.org/stable/c/db5ca4b42ccfa42d2af7b335ff12578e57775c02 cve-icon cve-icon
https://git.kernel.org/stable/c/eab272972cffff9cd973b8e4055a8e81c64f7e6a cve-icon cve-icon
https://git.kernel.org/stable/c/f232916fab67ca1c3425926df4a866e59ff26908 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024102119-CVE-2024-47713-2624@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-47713 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-47713 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact