发布于3月6日3月6日 Members Red Hat: CVE-2023-52777: kernel: wifi: ath11k: fix gtk offload status event locking (Multiple Advisories) Severity 5 CVSS (AV:L/AC:H/Au:M/C:P/I:P/A:C) Published 05/21/2024 Created 08/13/2024 Added 08/12/2024 Modified 01/16/2025 Description In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section. Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues. Compile tested only. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2023-52777 RHSA-2024:5101 RHSA-2024:5102
