CVE-2021-47194
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
If the userspace tools switch from NL80211_IFTYPE_P2P_GO to
NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it
does not call the cleanup cfg80211_stop_ap(), this leads to the
initialization of in-use data. For example, this path re-init the
sdata->assigned_chanctx_list while it is still an element of
assigned_vifs list, and makes that linked list corrupt.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cfg80211: llame a cfg80211_stop_ap cuando cambie del tipo P2P_GO. Si las herramientas del espacio de usuario cambian de NL80211_IFTYPE_P2P_GO a NL80211_IFTYPE_ADHOC mediante send_msg(NL80211_CMD_SET_INTERFACE), no llama a la limpieza cfg80211_ stop_ap(), esto lleva a la inicialización de datos en uso. Por ejemplo, esta ruta reinicia sdata->assigned_chanctx_list mientras todavía es un elemento de la lista asignada_vifs y corrompe esa lista vinculada.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-25 CVE Reserved
- 2024-04-10 CVE Published
- 2024-04-21 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-665: Improper Initialization
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/ac800140c20e7ae51117e71289065bedd4930fc2 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 4.4.293 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 4.4.293" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 4.9.291 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 4.9.291" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 4.14.256 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 4.14.256" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 4.19.218 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 4.19.218" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 5.4.162 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 5.4.162" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 5.10.82 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 5.10.82" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 5.15.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 5.15.5" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.6 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 5.16" | en |
Affected
| ||||||