CVE-2024-47713
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-47713
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47713.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-47713
- Downstream
- Related
- Published
- 2024-10-21T11:53:45.433Z
- Modified
- 2025-11-28T02:34:39.254751Z
- Summary
- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: use two-phase skb reclamation in ieee80211dostop()
Since '_devqueue_xmit()' should be called with interrupts enabled, the following backtrace:
ieee80211dostop() ... spinlockirqsave(&local->queuestopreasonlock, flags) ... ieee80211freetxskb() ieee80211reportusedskb() ieee80211reportackskb() cfg80211mgmttxstatusext() nl80211frametxstatus() genlmsgmulticastnetns() genlmsgmulticastnetnsfiltered() nlmsgmulticastfiltered() netlinkbroadcastfiltered() doonebroadcast() netlinkbroadcastdeliver() _netlinksendskb() netlinkdelivertap() _netlinkdelivertapskb() devqueuexmit() _devqueuexmit() ; with IRQS disabled ... spinunlockirqrestore(&local->queuestopreason_lock, flags)
issues the warning (as reported by syzbot reproducer):
WARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 _localbhenableip+0xc3/0x120
Fix this by implementing a two-phase skb reclamation in 'ieee80211dostop()', where actual work is performed outside of a section with interrupts disabled.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47713.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/04f75f5bae33349283d6886901d9acd2f110c024
- https://git.kernel.org/stable/c/058c9026ad79dc98572442fd4c7e9a36aba6f596
- https://git.kernel.org/stable/c/07eb0bd7b0a8abed9d45e0f567c9af1dc83e5268
- https://git.kernel.org/stable/c/9d301de12da6e1bb069a9835c38359b8e8135121
- https://git.kernel.org/stable/c/acb53a716e492a02479345157c43f21edc8bc64b
- https://git.kernel.org/stable/c/ad4b7068b101fbbb4a9ca4b99b25eb051a9482ec
- https://git.kernel.org/stable/c/db5ca4b42ccfa42d2af7b335ff12578e57775c02
- https://git.kernel.org/stable/c/eab272972cffff9cd973b8e4055a8e81c64f7e6a
- https://git.kernel.org/stable/c/f232916fab67ca1c3425926df4a866e59ff26908
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47713.json
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-47713
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5061b0c2b9066de426fbc63f1278d2210e789412Fixed07eb0bd7b0a8abed9d45e0f567c9af1dc83e5268Fixed04f75f5bae33349283d6886901d9acd2f110c024Fixedf232916fab67ca1c3425926df4a866e59ff26908Fixedacb53a716e492a02479345157c43f21edc8bc64bFixeddb5ca4b42ccfa42d2af7b335ff12578e57775c02Fixed058c9026ad79dc98572442fd4c7e9a36aba6f596Fixedeab272972cffff9cd973b8e4055a8e81c64f7e6aFixedad4b7068b101fbbb4a9ca4b99b25eb051a9482ecFixed9d301de12da6e1bb069a9835c38359b8e8135121
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.32Fixed4.19.323
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.285
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.227
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.168
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.113
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.54
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.10.13
- Type
- ECOSYSTEM
- Events
-
Introduced6.11.0Fixed6.11.2