CVE-2024-43842

wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()

In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size.
But then 'rate->he_gi' is used as array index instead of 'status->he_gi'.
This can lead to go beyond array boundaries in case of 'rate->he_gi' is
not equal to 'status->he_gi' and is bigger than array size. Looks like
"copy-paste" mistake.

Fix this mistake by replacing 'rate->he_gi' with 'status->he_gi'.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-08-17 CVE Reserved
2024-08-17 CVE Published
2024-08-18 EPSS Updated
2024-09-15 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/a2a095c08b95372d6d0c5819b77f071af5e75366	2024-08-03
https://git.kernel.org/stable/c/7a0edc3d83aff3a48813d78c9cad9daf38decc74	2024-08-03
https://git.kernel.org/stable/c/96ae4de5bc4c8ba39fd072369398f59495b73f58	2024-08-03
https://git.kernel.org/stable/c/85099c7ce4f9e64c66aa397cd9a37473637ab891	2024-07-05

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.16 < 6.1.103 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 6.1.103"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.16 < 6.6.44 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 6.6.44"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.16 < 6.10.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 6.10.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.16 < 6.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 6.11"		en		Affected