In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
In 'cfg80211wextsiwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IWMAXFREQUENCIES and reject invalid request with -EINVAL otherwise.
[ { "signature_type": "Line", "id": "CVE-2024-41072-0192db6d", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a43cc0558530b6c065976b6b9246f512f8d3593b", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "235286026907917612831939635911927175575", "89600786083458026969843017829160172582", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-41072-10845ac4", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6295bad58f988eaafcf0e6f8b198a580398acb3b", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "235286026907917612831939635911927175575", "89600786083458026969843017829160172582", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-29fd0536", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ef09cdc5ba0f93826c09d810c141a8d103a80fc", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "217065479632815561944319823587679981765", "length": 2513.0 }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-4df8773a", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a43cc0558530b6c065976b6b9246f512f8d3593b", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "254697019196478206672170858172431333457", "length": 2522.0 }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-51420563", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe9644efd86704afe50e56b64b609de340ab7c95", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "273820682814882122922613346740592630939", "length": 2487.0 }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-71e21e8b", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de5fcf757e33596eed32de170ce5a93fa44dd2ac", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "213468557408812269834986019349698757085", "length": 2466.0 }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-41072-86b47970", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe9644efd86704afe50e56b64b609de340ab7c95", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "151843285859740463902970416874931773991", "171810981050343209025039441078926285408", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-41072-9af542ef", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b02ba9a0b55b762bd04743a22f3d9f9645005e79", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "235286026907917612831939635911927175575", "89600786083458026969843017829160172582", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-9deb80dd", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@001120ff0c9e3557dee9b5ee0d358e0fc189996f", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "273820682814882122922613346740592630939", "length": 2487.0 }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-41072-bd252fb7", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ef09cdc5ba0f93826c09d810c141a8d103a80fc", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "151843285859740463902970416874931773991", "171810981050343209025039441078926285408", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-bfde7844", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@35cee10ccaee5bd451a480521bbc25dc9f07fa5b", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "273820682814882122922613346740592630939", "length": 2487.0 }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-c8d18d66", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b02ba9a0b55b762bd04743a22f3d9f9645005e79", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "213468557408812269834986019349698757085", "length": 2466.0 }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-41072-d34ed8ff", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@001120ff0c9e3557dee9b5ee0d358e0fc189996f", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "151843285859740463902970416874931773991", "171810981050343209025039441078926285408", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-41072-ddd80b06", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de5fcf757e33596eed32de170ce5a93fa44dd2ac", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "235286026907917612831939635911927175575", "89600786083458026969843017829160172582", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Line", "id": "CVE-2024-41072-e040e725", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@35cee10ccaee5bd451a480521bbc25dc9f07fa5b", "signature_version": "v1", "target": { "file": "net/wireless/scan.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "151843285859740463902970416874931773991", "171810981050343209025039441078926285408", "73729084923083614875432448310127636462", "231668744285953596152117877404732059907", "319153733643687819629295455203496184146", "220487349707431395831216184078876141171", "137113007081789057333964859121026848579" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2024-41072-f4832dc5", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6295bad58f988eaafcf0e6f8b198a580398acb3b", "signature_version": "v1", "target": { "function": "cfg80211_wext_siwscan", "file": "net/wireless/scan.c" }, "digest": { "function_hash": "213468557408812269834986019349698757085", "length": 2466.0 }, "deprecated": false } ]