{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-27434", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:47:42.687Z", "datePublished": "2024-05-17T12:08:50.896Z", "dateUpdated": "2025-05-04T09:05:01.411Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:05:01.411Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't set the MFP flag for the GTK\n\nThe firmware doesn't need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c"], "versions": [{"version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8", "status": "affected", "versionType": "git"}, {"version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "40405cbb20eb6541c603e7b3d54ade0a7be9d715", "status": "affected", "versionType": "git"}, {"version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "60f6d5fc84a9fd26528a24d8a267fc6a6698b628", "status": "affected", "versionType": "git"}, {"version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "e35f316bce9e5733c9826120c1838f4c447b2c4c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c"], "versions": [{"version": "6.2", "status": "affected"}, {"version": "0", "lessThan": "6.2", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8"}, {"url": "https://git.kernel.org/stable/c/40405cbb20eb6541c603e7b3d54ade0a7be9d715"}, {"url": "https://git.kernel.org/stable/c/60f6d5fc84a9fd26528a24d8a267fc6a6698b628"}, {"url": "https://git.kernel.org/stable/c/e35f316bce9e5733c9826120c1838f4c447b2c4c"}], "title": "wifi: iwlwifi: mvm: don't set the MFP flag for the GTK", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27434", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-17T17:16:46.787202Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:46:52.503Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:52.476Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/40405cbb20eb6541c603e7b3d54ade0a7be9d715", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/60f6d5fc84a9fd26528a24d8a267fc6a6698b628", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e35f316bce9e5733c9826120c1838f4c447b2c4c", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/40405cbb20eb6541c603e7b3d54ade0a7be9d715", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/60f6d5fc84a9fd26528a24d8a267fc6a6698b628", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e35f316bce9e5733c9826120c1838f4c447b2c4c", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:52.476Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27434", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-17T17:16:46.787202Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:24.665Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "wifi: iwlwifi: mvm: don't set the MFP flag for the GTK", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8", "versionType": "git"}, {"status": "affected", "version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "40405cbb20eb6541c603e7b3d54ade0a7be9d715", "versionType": "git"}, {"status": "affected", "version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "60f6d5fc84a9fd26528a24d8a267fc6a6698b628", "versionType": "git"}, {"status": "affected", "version": "5c75a208c2449c6ea24f07610cc052f6a352246c", "lessThan": "e35f316bce9e5733c9826120c1838f4c447b2c4c", "versionType": "git"}], "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.2"}, {"status": "unaffected", "version": "0", "lessThan": "6.2", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8"}, {"url": "https://git.kernel.org/stable/c/40405cbb20eb6541c603e7b3d54ade0a7be9d715"}, {"url": "https://git.kernel.org/stable/c/60f6d5fc84a9fd26528a24d8a267fc6a6698b628"}, {"url": "https://git.kernel.org/stable/c/e35f316bce9e5733c9826120c1838f4c447b2c4c"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't set the MFP flag for the GTK\n\nThe firmware doesn't need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:54:51.252Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27434", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:54:51.252Z", "dateReserved": "2024-02-25T13:47:42.687Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T12:08:50.896Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't set the MFP flag for the GTK\n\nThe firmware doesn't need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: mvm: no configure el indicador MFP para GTK El firmware no necesita el indicador MFP para GTK, incluso puede provocar que el firmware falle. en caso de que el AP est\u00e9 configurado con: cifrado de grupo TKIP y MFPC. Enviar\u00edamos el GTK con cifrado = TKIP y MFP, lo cual, por supuesto, no es posible."}], "id": "CVE-2024-27434", "lastModified": "2025-09-26T16:21:35.177", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T13:15:58.000", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/40405cbb20eb6541c603e7b3d54ade0a7be9d715"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/60f6d5fc84a9fd26528a24d8a267fc6a6698b628"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e35f316bce9e5733c9826120c1838f4c447b2c4c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/40405cbb20eb6541c603e7b3d54ade0a7be9d715"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/60f6d5fc84a9fd26528a24d8a267fc6a6698b628"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e35f316bce9e5733c9826120c1838f4c447b2c4c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5363", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.31.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:5363", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.31.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-08-15T00:00:00Z"}], "bugzilla": {"description": "kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK", "id": "2281133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281133"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: iwlwifi: mvm: don't set the MFP flag for the GTK\nThe firmware doesn't need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible.", "CVE-2024-27434 is a flaw in the Linux kernel\u2019s iwlwifi driver related to handling Management Frame Protection (MFP) in certain Wi-Fi configurations. When connecting to an access point using TKIP as the group cipher, the driver incorrectly applies the MFP flag to the Group Temporal Key (GTK), which is not supported in this context. This can result in firmware crashes and instability. The issue has been fixed by ensuring the driver does not set the MFP flag for incompatible group ciphers like TKIP. Updating to a patched kernel version is recommended to resolve this vulnerability."], "name": "CVE-2024-27434", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27434\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27434\nhttps://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-27434-ac61@gregkh/T"], "threat_severity": "Moderate"}

{}