Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2024-38572
HistoryJun 19, 2024 - 12:00 a.m.

CVE-2024-38572

2024-06-1900:00:00
ubuntu.com
ubuntu.com
2
linux kernel
wifi
ath12k
qmi_invoke_handler
out-of-bound fix

AI Score

6.6

Confidence

High

JSON

In the Linux kernel, the following vulnerability has been resolved: wifi:
ath12k: fix out-of-bound access of qmi_invoke_handler() Currently, there is
no terminator entry for ath12k_qmi_msg_handlers hence facing below KASAN
warning, ==================================================================
BUG: KASAN: global-out-of-bounds in qmi_invoke_handler+0xa4/0x148 Read of
size 8 at addr ffffffd00a6428d8 by task kworker/u8:2/1273 CPU: 0 PID: 1273
Comm: kworker/u8:2 Not tainted 5.4.213 #0 Workqueue: qmi_msg_handler
qmi_data_ready_work Call trace: dump_backtrace+0x0/0x20c
show_stack+0x14/0x1c dump_stack+0xe0/0x138
print_address_description.isra.5+0x30/0x330 __kasan_report+0x16c/0x1bc
kasan_report+0xc/0x14 __asan_load8+0xa8/0xb0 qmi_invoke_handler+0xa4/0x148
qmi_handle_message+0x18c/0x1bc qmi_data_ready_work+0x4ec/0x528
process_one_work+0x2c0/0x440 worker_thread+0x324/0x4b8 kthread+0x210/0x228
ret_from_fork+0x10/0x18 The address belongs to the variable:
ath12k_mac_mon_status_filter_default+0x4bd8/0xfffffffffffe2300 [ath12k]
[…] ==================================================================
Add a dummy terminator entry at the end to assist the qmi_invoke_handler()
in traversing up to the terminator entry without accessing an
out-of-boundary index. Tested-on: QCN9274 hw2.0 PCI
WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1

Related

redhatcve 1
osv 10
debiancve 1
vulnrichment 1
cvelist 1
cve 1
nvd 1
nessus 8
ubuntu 4
openvas 7
mageia 2
redhatcve
redhatcve
CVE-2024-38572
2024-06-20 15:55:19
osv
osv
UBUNTU-CVE-2024-38572
2024-06-19 14:15:00
CVE-2024-38572
2024-06-19 14:15:17
linux-oem-6.8 vulnerabilities
2024-08-12 18:05:26
debiancve
debiancve
CVE-2024-38572
2024-06-19 14:15:17
vulnrichment
vulnrichment
CVE-2024-38572 wifi: ath12k: fix out-of-bound access of qmi_invoke_handler()
2024-06-19 13:35:37
cvelist
cvelist
CVE-2024-38572 wifi: ath12k: fix out-of-bound access of qmi_invoke_handler()
2024-06-19 13:35:37
cve
cve
CVE-2024-38572
2024-06-19 14:15:17
nvd
nvd
CVE-2024-38572
2024-06-19 14:15:17
nessus
nessus
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-6949-1)
2024-08-08 00:00:00
Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6952-2)
2024-08-13 00:00:00
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6955-1)
2024-08-12 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-08-08 00:00:00
Linux kernel vulnerabilities
2024-08-13 00:00:00
Linux kernel vulnerabilities
2024-08-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6949-1)
2024-08-09 00:00:00
Ubuntu: Security Advisory (USN-6952-1)
2024-08-09 00:00:00
Ubuntu: Security Advisory (USN-6949-2)
2024-08-14 00:00:00
mageia
mageia
Updated kernel kmod-xtables-addons kmod-virtualbox dwarves packages fix security vulnerabilities
2024-07-13 10:54:44
Updated kernel-linus packages fix security vulnerabilities
2024-07-14 08:23:38

AI Score

6.6

Confidence

High

JSON
Related for UB:CVE-2024-38572
redhatcve1osv10debiancve1vulnrichment1cvelist1cve1nvd1nessus8ubuntu4openvas7mageia2