CVE-2024-40929

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-40929
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40929.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-40929
Downstream
Related
Published
2024-07-12T12:25:08.434Z
Modified
2025-11-28T02:34:15.507927Z
Summary
wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: check n_ssids before accessing the ssids

In some versions of cfg80211, the ssids poinet might be a valid one even though nssids is 0. Accessing the pointer in this case will cuase an out-of-bound access. Fix this by checking nssids first.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40929.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c1a7515393e403758a684fd0a2372af466675b15
Fixed
3c4771091ea8016c8601399078916f722dd8833b
Fixed
f777792952d03bbaf8329fdfa99393a5a33e2640
Fixed
9e719ae3abad60e245ce248ba3f08148f375a614
Fixed
29a18d56bd64b95bd10bda4afda512558471382a
Fixed
62e007bdeb91c6879a4652c3426aef1cd9d2937b
Fixed
60d62757df30b74bf397a2847a6db7385c6ee281

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.17.0
Fixed
5.10.221
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.162
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.95
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.35
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.9.6