CVE-2024-49938
Published: Oct 21, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit

Syzbot points out that skb_trim() has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly just to reset the length to zero before resubmitting, so switch to calling __skb_set_length(skb, 0) directly. In addition, __skb_set_length() already contains a call to skb_reset_tail_pointer(), so remove the redundant call.

The syzbot report came from ath9k_hif_usb_reg_in_cb(), but there's a similar usage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we're at it.
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected fb9987d0f748c983bb795a86f47522313f701a08 - < e6b9bf32e0695e4f374674002de0527d2a6768eb |
| Linux | Linux | affected fb9987d0f748c983bb795a86f47522313f701a08 - < d1f2fbc6a769081503f6ffedbb5cd1ac497f0e77 |
| Linux | Linux | affected fb9987d0f748c983bb795a86f47522313f701a08 - < b02eb7c86ff2ef1411c3095ec8a52b13f68db04f |
| Linux | Linux | affected fb9987d0f748c983bb795a86f47522313f701a08 - < 012ae530afa0785102360de452745d33c99a321b |
| Linux | Linux | affected fb9987d0f748c983bb795a86f47522313f701a08 - < 6a875220670475d9247e576c15dc29823100a4e4 |
| Linux | Linux | +4 more versions |
| Linux | Linux | affected 2.6.35 |
| Linux | Linux | unaffected 0 - < 2.6.35 |
| Linux | Linux | unaffected 4.19.323 - <= 4.19.* |
| Linux | Linux | unaffected 5.4.285 - <= 5.4.* |
| Linux | Linux | unaffected 5.10.227 - <= 5.10.* |
| Linux | Linux | +6 more versions |
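
A simplified user-space model of the change in the description above, added here as an illustration (it is not the kernel patch or kernel code). `model_trim` and `model_set_length` are hypothetical stand-ins for `skb_trim()` and `__skb_set_length()`; the shadow bit and the garbage value are constructed to show why the old reset path reads `len` before anything has written it.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model of the two sk_buff fields involved; not kernel code. */
struct model_skb {
    unsigned int len, tail;
    bool len_written;          /* shadow bit: has len been initialised? */
    unsigned int uninit_reads; /* reads of len made before any write */
};

/* Models __skb_set_length(): writes len without reading it, moves the tail. */
static void model_set_length(struct model_skb *skb, unsigned int len) {
    skb->len = len;
    skb->len_written = true;
    skb->tail = len;
}

/* Models skb_trim(): compares the existing len first, so it reads the field. */
static void model_trim(struct model_skb *skb, unsigned int len) {
    if (!skb->len_written)
        skb->uninit_reads++;   /* what a sanitizer such as KMSAN would flag */
    if (skb->len > len)
        model_set_length(skb, len);
}

/* Reset path before the fix, on an skb whose len holds constructed garbage. */
static struct model_skb reset_before_fix(unsigned int garbage) {
    struct model_skb skb = { .len = garbage, .tail = garbage };
    skb.tail = 0;              /* the separate tail reset that the fix removes */
    model_trim(&skb, 0);
    return skb;
}

/* Reset path after the fix: one unconditional write, no read of len. */
static struct model_skb reset_after_fix(unsigned int garbage) {
    struct model_skb skb = { .len = garbage, .tail = garbage };
    model_set_length(&skb, 0);
    return skb;
}

int main(void) {
    printf("before fix: uninit_reads=%u\n", reset_before_fix(0xdeadbeefu).uninit_reads);
    printf("after fix:  uninit_reads=%u\n", reset_after_fix(0xdeadbeefu).uninit_reads);
    return 0;
}
```
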