CVE-2024-47713

CVE Details

Release Date:

2024-10-21

Description

In the Linux kernel, the following vulnerability has been resolved:\nwifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()\nSince '__dev_queue_xmit()' should be called with interrupts enabled,\nthe following backtrace:\nieee80211_do_stop()\n...\nspin_lock_irqsave(&local->queue_stop_reason_lock, flags)\n...\nieee80211_free_txskb()\nieee80211_report_used_skb()\nieee80211_report_ack_skb()\ncfg80211_mgmt_tx_status_ext()\nnl80211_frame_tx_status()\ngenlmsg_multicast_netns()\ngenlmsg_multicast_netns_filtered()\nnlmsg_multicast_filtered()\nnetlink_broadcast_filtered()\ndo_one_broadcast()\nnetlink_broadcast_deliver()\n__netlink_sendskb()\nnetlink_deliver_tap()\n__netlink_deliver_tap_skb()\ndev_queue_xmit()\n__dev_queue_xmit() ; with IRQS disabled\n...\nspin_unlock_irqrestore(&local->queue_stop_reason_lock, flags)\nissues the warning (as reported by syzbot reproducer):\nWARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120\nFix this by implementing a two-phase skb reclamation in\n'ieee80211_do_stop()', where actual work is performed\noutside of a section with interrupts disabled.

See more information about CVE-2024-47713 from MITRE CVE dictionary and NIST NVD

NOTE: The following CVSS metrics and score provided are preliminary and subject to review.

CVSS v3 metrics

Base Score:	5.5
Vector String:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version:	3.1
Attack Vector:	Local
Attack Complexity:	Low
Privileges Required:	Low
User Interaction:	None
Scope:	Unchanged
Confidentiality:	None
Integrity:	None
Availability:	High

Errata information

Platform	Errata	Release Date
Oracle Linux version 7 (kernel-uek)	ELSA-2024-12884	2024-12-16
Oracle Linux version 8 (kernel-uek)	ELSA-2024-12884	2024-12-16
Oracle Linux version 8 (kernel-uek)	ELSA-2024-12887	2024-12-18
Oracle Linux version 9 (kernel-uek)	ELSA-2024-12887	2024-12-18