CVE-2024-43842

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-43842
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43842.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-43842
Downstream
Related
Published
2024-08-17T09:21:57.172Z
Modified
2025-11-28T02:34:18.994816Z
Summary
wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw89: Fix array index mistake in rtw89stainfogetiter()

In rtw89stainfogetiter() 'status->hegi' is compared to array size. But then 'rate->hegi' is used as array index instead of 'status->hegi'. This can lead to go beyond array boundaries in case of 'rate->hegi' is not equal to 'status->he_gi' and is bigger than array size. Looks like "copy-paste" mistake.

Fix this mistake by replacing 'rate->hegi' with 'status->hegi'.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43842.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd
Fixed
a2a095c08b95372d6d0c5819b77f071af5e75366
Fixed
7a0edc3d83aff3a48813d78c9cad9daf38decc74
Fixed
96ae4de5bc4c8ba39fd072369398f59495b73f58
Fixed
85099c7ce4f9e64c66aa397cd9a37473637ab891

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.103
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.44
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.3