CVE-2024-40941

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-40941

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40941.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-40941

Downstream

BELL-CVE-2024-40941

DEBIAN-CVE-2024-40941

DLA-4008-1

DSA-5730-1

DSA-5731-1

OESA-2024-1894

OESA-2024-1895

OESA-2024-1896

OESA-2024-1897

RHSA-2024:5928

RHSA-2024:7000

RHSA-2024:7001

RLSA-2024:7000

SUSE-SU-2024:2892-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

Related

Published

2024-07-12T13:15:16Z

Modified

2025-08-09T20:01:25Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: don't read past the mfuart notifcation

In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove the print of the buffer, we won't see it by default. If needed, we can see the content with tracing.

This was reported by KFENCE.

References

Affected packages