CVE-2024-35937

Updated: 2024-08-13 01:59:15.122317

Description:

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more careful and check if the subframe header can even be present.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 5.8

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 5.8 MEDIUM Needs Triage 2024-08-21 14:26:15
AlmaLinux 9.2 FIPS kernel 5.14.0 5.8 MEDIUM Ignored 2024-08-13 14:25:18
CentOS 6 ELS kernel 2.6.32 5.8 MEDIUM Ignored 2024-08-13 14:25:18
CentOS 7 ELS kernel 3.10.0 5.8 MEDIUM Ignored 2024-08-13 14:25:18
CentOS 8.4 ELS kernel 4.18.0 5.8 MEDIUM Ignored 2024-08-20 05:26:13
CentOS 8.5 ELS kernel 4.18.0 5.8 MEDIUM Ignored 2024-08-20 05:26:13
CentOS Stream 8 ELS kernel 4.18.0 5.8 MEDIUM Ignored 2024-08-20 05:26:13
CloudLinux 6 ELS kernel 2.6.32 5.8 MEDIUM Ignored 2024-08-13 14:25:18
CloudLinux 7 ELS kernel 3.10.0 5.8 MEDIUM Ignored 2024-08-13 14:25:18
Oracle Linux 6 ELS kernel 2.6.32 5.8 MEDIUM Ignored 2024-08-13 14:25:18