CVE-2024-53055
Published: Nov 19, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8, which can never reach the number found when that's bigger than 255, and is stored in a u32 variable. Also move it into the loops to have a smaller scope. Using a u32 there is fine, we limit the number of APs in the scan list and each has a limit on the number of RNR entries due to the frame size. With a limit of 1000 scan results, a frame size upper bound of 4096 (really it's more like ~2300) and a TBTT entry size of at least 11, we get an upper bound for the number of ~372k, well in the bounds of a u32.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected eae94cf82d7456b57fa9fd55c1edb8a726dcc19c - < 2ac15e5a8f42fed5d90ed9e1197600913678c50faffected eae94cf82d7456b57fa9fd55c1edb8a726dcc19c - < cde8a7eb5c6762264ff0f4433358e0a0d250c875affected eae94cf82d7456b57fa9fd55c1edb8a726dcc19c - < fc621e7a043de346c33bd7ae7e2e0c651d6152efaffected eae94cf82d7456b57fa9fd55c1edb8a726dcc19c - < 2ccd5badadab2d586e91546bf5af3deda07fef1faffected eae94cf82d7456b57fa9fd55c1edb8a726dcc19c - < 7245012f0f496162dd95d888ed2ceb5a35170f1a |
Linux | Linux | affected 5.11unaffected 0 - < 5.11unaffected 5.15.171 - <= 5.15.*unaffected 6.1.116 - <= 6.1.*unaffected 6.6.60 - <= 6.6.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now