Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix array out-of-bound access in SoC stats Currently, the ath12k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath12k_dp_rx_process() function access ath12k_soc_dp_stats::hal_reo_error using the REO destination SRNG ring ID, which is incorrect. SRNG ring ID differ from normal ring ID, and this usage leads to out-of-bounds array access. To fix this issue, modify ath12k_dp_rx_process() to use the normal ring ID directly instead of the SRNG ring ID to avoid out-of-bounds array access. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1

INFO

Published Date :

2024-10-21T18:01:53.756Z

Last Modified :

2025-05-04T09:41:37.843Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-49931 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-49931.

URL Resource
https://git.kernel.org/stable/c/a4aef827a41cdaf6201bbaf773c1eae4e20e967b cve-icon cve-icon
https://git.kernel.org/stable/c/ad791e3ec60cb66c1e4dc121ffbf872df312427d cve-icon cve-icon
https://git.kernel.org/stable/c/d0e4274d9dc9f8409d56d622cd3ecf7b6fd49e2f cve-icon cve-icon
https://git.kernel.org/stable/c/e106b7ad13c1d246adaa57df73edb8f8b8acb240 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024102126-CVE-2024-49931-f484@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-49931 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-49931 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact