{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-43879", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-08-17T09:11:59.286Z", "datePublished": "2024-08-21T00:06:31.488Z", "dateUpdated": "2024-11-05T09:41:41.362Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:41:41.362Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()\n\nCurrently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in\ncfg80211_calculate_bitrate_he(), leading to below warning:\n\nkernel: invalid HE MCS: bw:6, ru:6\nkernel: WARNING: CPU: 0 PID: 2312 at net/wireless/util.c:1501 cfg80211_calculate_bitrate_he+0x22b/0x270 [cfg80211]\n\nFix it by handling 2x996 RU allocation in the same way as 160 MHz bandwidth."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/wireless/util.c"], "versions": [{"version": "c4cbaf7973a7", "lessThan": "45d20a1c54be", "status": "affected", "versionType": "git"}, {"version": "c4cbaf7973a7", "lessThan": "b289ebb05165", "status": "affected", "versionType": "git"}, {"version": "c4cbaf7973a7", "lessThan": "2e201b3d162c", "status": "affected", "versionType": "git"}, {"version": "c4cbaf7973a7", "lessThan": "576c64622649", "status": "affected", "versionType": "git"}, {"version": "c4cbaf7973a7", "lessThan": "16ad67e73309", "status": "affected", "versionType": "git"}, {"version": "c4cbaf7973a7", "lessThan": "67b5f1054197", "status": "affected", "versionType": "git"}, {"version": "c4cbaf7973a7", "lessThan": "19eaf4f2f5a9", "status": "affected", "versionType": "git"}, {"version": "c4cbaf7973a7", "lessThan": "bcbd771cd5d6", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/wireless/util.c"], "versions": [{"version": "4.19", "status": "affected"}, {"version": "0", "lessThan": "4.19", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.320", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.282", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.224", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.165", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.103", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.44", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.3", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/45d20a1c54be4f3173862c7b950d4468447814c9"}, {"url": "https://git.kernel.org/stable/c/b289ebb0516526cb4abae081b7ec29fd4fa1209d"}, {"url": "https://git.kernel.org/stable/c/2e201b3d162c6c49417c438ffb30b58c9f85769f"}, {"url": "https://git.kernel.org/stable/c/576c64622649f3ec07e97bac8fec8b8a2ef4d086"}, {"url": "https://git.kernel.org/stable/c/16ad67e73309db0c20cc2a651992bd01c05e6b27"}, {"url": "https://git.kernel.org/stable/c/67b5f1054197e4f5553047759c15c1d67d4c8142"}, {"url": "https://git.kernel.org/stable/c/19eaf4f2f5a981f55a265242ada2bf92b0c742dd"}, {"url": "https://git.kernel.org/stable/c/bcbd771cd5d68c0c52567556097d75f9fc4e7cd6"}], "title": "wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-43879", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:05:54.386411Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:17.515Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-43879", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:05:54.386411Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:22.596Z"}}], "cna": {"title": "wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "c4cbaf7973a7", "lessThan": "45d20a1c54be", "versionType": "git"}, {"status": "affected", "version": "c4cbaf7973a7", "lessThan": "b289ebb05165", "versionType": "git"}, {"status": "affected", "version": "c4cbaf7973a7", "lessThan": "2e201b3d162c", "versionType": "git"}, {"status": "affected", "version": "c4cbaf7973a7", "lessThan": "576c64622649", "versionType": "git"}, {"status": "affected", "version": "c4cbaf7973a7", "lessThan": "16ad67e73309", "versionType": "git"}, {"status": "affected", "version": "c4cbaf7973a7", "lessThan": "67b5f1054197", "versionType": "git"}, {"status": "affected", "version": "c4cbaf7973a7", "lessThan": "19eaf4f2f5a9", "versionType": "git"}, {"status": "affected", "version": "c4cbaf7973a7", "lessThan": "bcbd771cd5d6", "versionType": "git"}], "programFiles": ["net/wireless/util.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.19"}, {"status": "unaffected", "version": "0", "lessThan": "4.19", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.320", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.282", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.224", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.165", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.103", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.44", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.3", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/wireless/util.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/45d20a1c54be4f3173862c7b950d4468447814c9"}, {"url": "https://git.kernel.org/stable/c/b289ebb0516526cb4abae081b7ec29fd4fa1209d"}, {"url": "https://git.kernel.org/stable/c/2e201b3d162c6c49417c438ffb30b58c9f85769f"}, {"url": "https://git.kernel.org/stable/c/576c64622649f3ec07e97bac8fec8b8a2ef4d086"}, {"url": "https://git.kernel.org/stable/c/16ad67e73309db0c20cc2a651992bd01c05e6b27"}, {"url": "https://git.kernel.org/stable/c/67b5f1054197e4f5553047759c15c1d67d4c8142"}, {"url": "https://git.kernel.org/stable/c/19eaf4f2f5a981f55a265242ada2bf92b0c742dd"}, {"url": "https://git.kernel.org/stable/c/bcbd771cd5d68c0c52567556097d75f9fc4e7cd6"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()\n\nCurrently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in\ncfg80211_calculate_bitrate_he(), leading to below warning:\n\nkernel: invalid HE MCS: bw:6, ru:6\nkernel: WARNING: CPU: 0 PID: 2312 at net/wireless/util.c:1501 cfg80211_calculate_bitrate_he+0x22b/0x270 [cfg80211]\n\nFix it by handling 2x996 RU allocation in the same way as 160 MHz bandwidth."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:41:41.362Z"}}}, "cveMetadata": {"cveId": "CVE-2024-43879", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:41:41.362Z", "dateReserved": "2024-08-17T09:11:59.286Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-08-21T00:06:31.488Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()\n\nCurrently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in\ncfg80211_calculate_bitrate_he(), leading to below warning:\n\nkernel: invalid HE MCS: bw:6, ru:6\nkernel: WARNING: CPU: 0 PID: 2312 at net/wireless/util.c:1501 cfg80211_calculate_bitrate_he+0x22b/0x270 [cfg80211]\n\nFix it by handling 2x996 RU allocation in the same way as 160 MHz bandwidth."}], "id": "CVE-2024-43879", "lastModified": "2024-08-21T12:30:33.697", "metrics": {}, "published": "2024-08-21T01:15:12.153", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/16ad67e73309db0c20cc2a651992bd01c05e6b27"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/19eaf4f2f5a981f55a265242ada2bf92b0c742dd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2e201b3d162c6c49417c438ffb30b58c9f85769f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/45d20a1c54be4f3173862c7b950d4468447814c9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/576c64622649f3ec07e97bac8fec8b8a2ef4d086"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/67b5f1054197e4f5553047759c15c1d67d4c8142"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b289ebb0516526cb4abae081b7ec29fd4fa1209d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bcbd771cd5d68c0c52567556097d75f9fc4e7cd6"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()", "id": "2306373", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306373"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()\nCurrently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in\ncfg80211_calculate_bitrate_he(), leading to below warning:\nkernel: invalid HE MCS: bw:6, ru:6\nkernel: WARNING: CPU: 0 PID: 2312 at net/wireless/util.c:1501 cfg80211_calculate_bitrate_he+0x22b/0x270 [cfg80211]\nFix it by handling 2x996 RU allocation in the same way as 160 MHz bandwidth."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-43879", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-08-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-43879\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-43879\nhttps://lore.kernel.org/linux-cve-announce/2024082137-CVE-2024-43879-95cb@gregkh/T"], "statement": "Following issue marked as moderate with \"not affected or will not fix\" for Red Hat Enterprise Linux, as it is not vulnerable to this CVE. This is because the CVE does not impact the versions or configurations of the Linux kernel used in Red Hat's distributions.", "threat_severity": "Moderate"}