What is the severity of CVE-2024-47724?

The severity of CVE-2024-47724 is currently assessed as moderate due to potential impacts on the functioning of wireless communications.

How do I fix CVE-2024-47724?

To fix CVE-2024-47724, users should update their Linux kernel to a version beyond 6.11.2 or beyond 6.10.13.

Which systems are affected by CVE-2024-47724?

CVE-2024-47724 affects Linux kernel versions between 6.10 and 6.10.13, as well as versions between 6.11 and 6.11.2.

What type of vulnerability is CVE-2024-47724?

CVE-2024-47724 is a vulnerability related to the wireless subsystem in the Linux kernel, specifically involving beacon transmission events.

Is there a public exploit available for CVE-2024-47724?

Currently, there are no known public exploits for CVE-2024-47724.

Vulnerability/
CVE-2024-47724

medium

5.5

21/10/2024

19/12/2024

CVE-2024-47724: wifi: ath11k: use work queue to process beacon tx event

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b ("wifi: ath11k: add P2P IE in beacon template") from Feb 28, 2024 (linux-next), leads to the following Smatch static checker warning: drivers/net/wireless/ath/ath11k/wmi.c:1742 ath11k_wmi_p2p_go_bcn_ie() warn: sleeping in atomic context The reason is that ath11k_bcn_tx_status_event() will directly call might sleep function ath11k_wmi_cmd_send() during RCU read-side critical sections. The call trace is like: ath11k_bcn_tx_status_event() -> rcu_read_lock() -> ath11k_mac_bcn_tx_event() -> ath11k_mac_setup_bcn_tmpl() …… -> ath11k_wmi_bcn_tmpl() -> ath11k_wmi_cmd_send() -> rcu_read_unlock() Commit 886433a98425 ("ath11k: add support for BSS color change") added the ath11k_mac_bcn_tx_event(), commit 01e782c89108 ("ath11k: fix warning of RCU usage for ath11k_mac_get_arvif_by_vdev_id()") added the RCU lock to avoid warning but also introduced this BUG. Use work queue to avoid directly calling ath11k_mac_bcn_tx_event() during RCU critical sections. No need to worry about the deletion of vif because cancel_work_sync() will drop the work if it doesn't start or block vif deletion until the running work is done. Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	>=6.10<6.10.13
Linux Kernel	>=6.11<6.11.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-47724?
The severity of CVE-2024-47724 is currently assessed as moderate due to potential impacts on the functioning of wireless communications.
How do I fix CVE-2024-47724?
To fix CVE-2024-47724, users should update their Linux kernel to a version beyond 6.11.2 or beyond 6.10.13.
Which systems are affected by CVE-2024-47724?
CVE-2024-47724 affects Linux kernel versions between 6.10 and 6.10.13, as well as versions between 6.11 and 6.11.2.
What type of vulnerability is CVE-2024-47724?
CVE-2024-47724 is a vulnerability related to the wireless subsystem in the Linux kernel, specifically involving beacon transmission events.
Is there a public exploit available for CVE-2024-47724?
Currently, there are no known public exploits for CVE-2024-47724.

agent/title
agent/references
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
agent/remedy
agent/severity
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
version/linux kernel/6.10
version/linux kernel/6.11

Frequently Asked Questions

What is the severity of CVE-2024-47724?
The severity of CVE-2024-47724 is currently assessed as moderate due to potential impacts on the functioning of wireless communications.
How do I fix CVE-2024-47724?
To fix CVE-2024-47724, users should update their Linux kernel to a version beyond 6.11.2 or beyond 6.10.13.
Which systems are affected by CVE-2024-47724?
CVE-2024-47724 affects Linux kernel versions between 6.10 and 6.10.13, as well as versions between 6.11 and 6.11.2.
What type of vulnerability is CVE-2024-47724?
CVE-2024-47724 is a vulnerability related to the wireless subsystem in the Linux kernel, specifically involving beacon transmission events.
Is there a public exploit available for CVE-2024-47724?
Currently, there are no known public exploits for CVE-2024-47724.

CVE-2024-47724: wifi: ath11k: use work queue to process beacon tx event

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-47724?

How do I fix CVE-2024-47724?

Which systems are affected by CVE-2024-47724?

What type of vulnerability is CVE-2024-47724?

Is there a public exploit available for CVE-2024-47724?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-47724?

How do I fix CVE-2024-47724?

Which systems are affected by CVE-2024-47724?

What type of vulnerability is CVE-2024-47724?

Is there a public exploit available for CVE-2024-47724?