References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: remove station if connection prep fails

If connection preparation fails for MLO connections, then the
interface is completely reset to non-MLD. In this case, we must
not keep the station since it's related to the link of the vif
being removed. Delete an existing station. Any "new_sta" is
already being removed, so that doesn't need changes.

This fixes a use-after-free/double-free in debugfs if that's
enabled, because a vif going from MLD (and to MLD, but that's
not relevant here) recreates its entire debugfs.

https://git.kernel.org/stable/c/1c2b72ea89882aeb948340498391e69c58d466f1

https://git.kernel.org/stable/c/283fc9e44ff5b5ac967439b4951b80bd4299f4e4

https://git.kernel.org/stable/c/9e28654f79f443bca9b29ff3ae7cf18abfba58a0

https://git.kernel.org/stable/c/afcbaed89cdc1a001b43270cbf5394bb4804270a

https://git.kernel.org/stable/c/fe75fa1ac9a92990f7fc3d34b17808fd933071b2