What is the severity of CVE-2024-49937?

CVE-2024-49937 has a critical severity due to potential disruptions in wireless communications.

How do I fix CVE-2024-49937?

To fix CVE-2024-49937, upgrade to the latest patched version of the Linux kernel, such as 6.1.123-1 or higher.

Which versions of the Linux kernel are affected by CVE-2024-49937?

CVE-2024-49937 affects Linux kernel versions ranging from 5.10.223-1 to 6.6.55, excluding certain fixed versions.

What type of vulnerability is CVE-2024-49937?

CVE-2024-49937 is a vulnerability in the cfg80211 component of the Linux kernel related to handling channel definitions.

What impact does CVE-2024-49937 have on system performance?

CVE-2024-49937 may cause system warnings and affect wireless communication operations when starting Channel Availability Check (CAC) in unsupported modes.

Vulnerability/
CVE-2024-49937

medium

5.5

21/10/2024

19/12/2024

CVE-2024-49937: wifi: cfg80211: Set correct chandef when starting CAC

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: 0 PID: 63 at cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]" caused by the chandef.chan being null at the end of CAC. Solution: Ensure the channel definition is set for the different modes when starting CAC to avoid getting a NULL 'chan' at the end of CAC. Call Trace: ? show_regs.part.0+0x14/0x16 ? __warn+0x67/0xc0 ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211] ? report_bug+0xa7/0x130 ? exc_overflow+0x30/0x30 ? handle_bug+0x27/0x50 ? exc_invalid_op+0x18/0x60 ? handle_exception+0xf6/0xf6 ? exc_overflow+0x30/0x30 ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211] ? exc_overflow+0x30/0x30 ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211] ? regulatory_propagate_dfs_state.cold+0x1b/0x4c [cfg80211] ? cfg80211_propagate_cac_done_wk+0x1a/0x30 [cfg80211] ? process_one_work+0x165/0x280 ? worker_thread+0x120/0x3f0 ? kthread+0xc2/0xf0 ? process_one_work+0x280/0x280 ? kthread_complete_and_exit+0x20/0x20 ? ret_from_fork+0x19/0x24 [shorten subject, remove OCB, reorder cases to match previous list]

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	<6.1.113
Linux Kernel	>=6.2<6.6.55
Linux Kernel	>=6.7<6.10.14
Linux Kernel	>=6.11<6.11.3
debian/linux	<=5.10.223-1<=5.10.226-1	6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1
debian/linux-6.1		6.1.119-1~deb11u1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49937?
CVE-2024-49937 has a critical severity due to potential disruptions in wireless communications.
How do I fix CVE-2024-49937?
To fix CVE-2024-49937, upgrade to the latest patched version of the Linux kernel, such as 6.1.123-1 or higher.
Which versions of the Linux kernel are affected by CVE-2024-49937?
CVE-2024-49937 affects Linux kernel versions ranging from 5.10.223-1 to 6.6.55, excluding certain fixed versions.
What type of vulnerability is CVE-2024-49937?
CVE-2024-49937 is a vulnerability in the cfg80211 component of the Linux kernel related to handling channel definitions.
What impact does CVE-2024-49937 have on system performance?
CVE-2024-49937 may cause system warnings and affect wireless communication operations when starting Channel Availability Check (CAC) in unsupported modes.

agent/title
agent/type
agent/first-publish-date
agent/author
agent/remedy
agent/severity
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/usn-cve
source/Ubuntu
collector/launchpad-cve
source/Launchpad
collector/security-tracker-debian
source/Debian
agent/source
agent/references
agent/softwarecombine
agent/tags
agent/description
agent/event
vendor/linux
canonical/linux kernel
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.11
package-manager/debian

Frequently Asked Questions

What is the severity of CVE-2024-49937?
CVE-2024-49937 has a critical severity due to potential disruptions in wireless communications.
How do I fix CVE-2024-49937?
To fix CVE-2024-49937, upgrade to the latest patched version of the Linux kernel, such as 6.1.123-1 or higher.
Which versions of the Linux kernel are affected by CVE-2024-49937?
CVE-2024-49937 affects Linux kernel versions ranging from 5.10.223-1 to 6.6.55, excluding certain fixed versions.
What type of vulnerability is CVE-2024-49937?
CVE-2024-49937 is a vulnerability in the cfg80211 component of the Linux kernel related to handling channel definitions.
What impact does CVE-2024-49937 have on system performance?
CVE-2024-49937 may cause system warnings and affect wireless communication operations when starting Channel Availability Check (CAC) in unsupported modes.

CVE-2024-49937: wifi: cfg80211: Set correct chandef when starting CAC

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49937?

How do I fix CVE-2024-49937?

Which versions of the Linux kernel are affected by CVE-2024-49937?

What type of vulnerability is CVE-2024-49937?

What impact does CVE-2024-49937 have on system performance?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-49937?

How do I fix CVE-2024-49937?

Which versions of the Linux kernel are affected by CVE-2024-49937?

What type of vulnerability is CVE-2024-49937?

What impact does CVE-2024-49937 have on system performance?