U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-26779 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix race condition on enabling fast-xmit fast-xmit must only be enabled after the sta has been uploaded to the driver, otherwise it could end up passing the not-yet-uploaded sta via drv_tx calls to the driver, leading to potential crashes because of uninitialized drv_priv data. Add a missing sta->uploaded check and re-check fast xmit after inserting a sta.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/281280276b70c822f55ce15b661f6d1d3228aaa9
https://git.kernel.org/stable/c/54b79d8786964e2f840e8a2ec4a9f9a50f3d4954
https://git.kernel.org/stable/c/5ffab99e070b9f8ae0cf60c3c3602b84eee818dd
https://git.kernel.org/stable/c/76fad1174a0cae6fc857b9f88b261a2e4f07d587
https://git.kernel.org/stable/c/85720b69aef177318f4a18efbcc4302228a340e5
https://git.kernel.org/stable/c/88c18fd06608b3adee547102505d715f21075c9d
https://git.kernel.org/stable/c/bcbc84af1183c8cf3d1ca9b78540c2185cd85e7f
https://git.kernel.org/stable/c/eb39bb548bf974acad7bd6780fe11f9e6652d696

Weakness Enumeration

CWE-ID CWE Name Source
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CISA-ADP  

Change History

7 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-26779
NVD Published Date:
04/03/2024
NVD Last Modified:
11/06/2024
Source:
kernel.org