U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-26682

Change History

New CVE Received from kernel.org 4/02/2024 3:15:44 AM

Action Type Old Value New Value
Added Description

								
							
							
						
In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: improve CSA/ECSA connection refusal

As mentioned in the previous commit, we pretty quickly found
that some APs have ECSA elements stuck in their probe response,
so using that to not attempt to connect while CSA is happening
we never connect to such an AP.

Improve this situation by checking more carefully and ignoring
the ECSA if cfg80211 has previously detected the ECSA element
being stuck in the probe response.

Additionally, allow connecting to an AP that's switching to a
channel it's already using, unless it's using quiet mode. In
this case, we may just have to adjust bandwidth later. If it's
actually switching channels, it's better not to try to connect
in the middle of that.
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/35e2385dbe787936c793d70755a5177d267a40aa [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/ea88bde8e3fefbe4268f6991375dd629895a090a [No types assigned]