LinuxVULNRICHMENT:CVE-2023-52832CVE-2023-52832 wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: don’t return unset power in ieee80211_get_tx_power()
We can get a UBSAN warning if ieee80211_get_tx_power() returns the
INT_MIN value mac80211 internally uses for “unset power level”.
UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5
-2147483648 * 100 cannot be represented in type ‘int’
CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE
Call Trace:
dump_stack+0x74/0x92
ubsan_epilogue+0x9/0x50
handle_overflow+0x8d/0xd0
__ubsan_handle_mul_overflow+0xe/0x10
nl80211_send_iface+0x688/0x6b0 [cfg80211]
[…]
cfg80211_register_wdev+0x78/0xb0 [cfg80211]
cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]
[…]
ieee80211_if_add+0x60e/0x8f0 [mac80211]
ieee80211_register_hw+0xda5/0x1170 [mac80211]
In this case, simply return an error instead, to indicate
that no data is available.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/mac80211/cfg.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "1571120c44db",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "298e767362ca",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "efeae5f4972f",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "717de20abdcd",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "21a0f310a9f3",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "2be24c47ac19",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "adc2474d823f",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "5a94cffe90e2",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "e160ab85166e",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/mac80211/cfg.c"
],
"versions": [
{
"version": "4.14.331",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.300",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.262",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.202",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.140",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.64",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.5.13",
"lessThanOrEqual": "6.5.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.3",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]References
git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f
git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846
git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62
git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6
git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7
git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea
git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a
git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f
git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18
Related
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
13.2%