low
3.3
Advisory Published
Updated

CVE-2024-47738: wifi: mac80211: don't use rate mask for offchannel TX either

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no supported rate warning reported by syzbot. The syzbot did bisect and found cause is commit 9df66d5b9f45 ("cfg80211: fix default HE tx bitrate mask in 2G band"), which however corrects bitmask of HE MCS and recognizes correctly settings of empty legacy rate plus HE MCS rate instead of returning -EINVAL. As suggestions [1], follow the change of SCAN TX to consider this case of offchannel TX as well. [1] https://lore.kernel.org/linux-wireless/6ab2dc9c3afe753ca6fdcdd1421e7a1f47e87b84.camel@sipsolutions.net/T/#m2ac2a6d2be06a37c9c47a3d8a44b4f647ed4f024

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel>=5.10.51<5.11
Linux Kernel>=5.12.18<5.13
Linux Kernel>=5.13.3<5.14
Linux Kernel>=5.14<6.1.113
Linux Kernel>=6.2<6.6.54
Linux Kernel>=6.7<6.10.13
Linux Kernel>=6.11<6.11.2

Remedy

https://git.kernel.org/stable/c/3565ef215101ffadb5fe5394c70b1fca51376b25

Remedy

https://git.kernel.org/stable/c/43897111481b679508711d3ca881c4c6593e9247

Remedy

https://git.kernel.org/stable/c/aafca50e71dc8f3192a5bfb325135a7908f3ef9e

Remedy

https://git.kernel.org/stable/c/d54455a3a965feb547711aff7afd2ca5deadb99c

Remedy

https://git.kernel.org/stable/c/e7a7ef9a0742dbd0818d5b15fba2c5313ace765b

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-47738?

    CVE-2024-47738 has a low severity rating as it pertains to a configuration issue in the Linux kernel.

  • How do I fix CVE-2024-47738?

    To fix CVE-2024-47738, ensure that you update your Linux kernel to the latest version that isn’t affected.

  • Which Linux kernel versions are affected by CVE-2024-47738?

    CVE-2024-47738 affects Linux kernel versions from 5.10.51 to 5.11 and multiple versions up to 6.11.2.

  • What impact does CVE-2024-47738 have on network performance?

    The vulnerability CVE-2024-47738 can lead to incorrect rate settings during off-channel transmission, potentially degrading network performance.

  • Is CVE-2024-47738 specific to certain hardware?

    CVE-2024-47738 is not specific to certain hardware but is rather a vulnerability present in the mac80211 layer of the Linux kernel.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203