CVE-2024-35937

Published: May 19, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more careful and check if the subframe header can even be present.

Vendor	Product	Versions
Linux	Linux	affected `966d5c2c22edcc0ab3d519af39f91a29329c979a - < 9eb3bc0973d084423a6df21cf2c74692ff05647e` affected `6e4c0d0460bd32ca9244dff3ba2d2da27235de11 - < 5d7a8585fbb31e88fb2a0f581b70667d3300d1e9` affected `6e4c0d0460bd32ca9244dff3ba2d2da27235de11 - < 16da1e1dac23be45ef6e23c41b1508c400e6c544` affected `6e4c0d0460bd32ca9244dff3ba2d2da27235de11 - < 9ad7974856926129f190ffbe3beea78460b3b7cc`
Linux	Linux	affected `6.3` unaffected `0 - < 6.3` unaffected `6.6.27 - <= 6.6.` unaffected `6.8.6 - <= 6.8.` unaffected `6.9 - <= *`

References

https://git.kernel.org/stable/c/9eb3bc0973d084423a6df21cf2c74692ff05647e

https://git.kernel.org/stable/c/5d7a8585fbb31e88fb2a0f581b70667d3300d1e9

https://git.kernel.org/stable/c/16da1e1dac23be45ef6e23c41b1508c400e6c544

https://git.kernel.org/stable/c/9ad7974856926129f190ffbe3beea78460b3b7cc

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35937

Description

Affected Products

References