CVE-2024-27056
MediumIn the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated by the firmware. In the unusual event that no packets have been send on TID 0, the queue will not have been allocated and this causes a crash. Fix this by ensuring the queue exist at suspend time.
CVSS 3.1 score
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References
The following references provide additional information about CVE-2024-27056 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
-
PatchKernel patch commithttps://git.kernel.org/stable/c/35afffaddbe8d310dc61659da0b1a337b0d0addc
-
PatchKernel patch commithttps://git.kernel.org/stable/c/4903303f25f48b5a1e34e6324c7fae9ccd6b959a
-
PatchKernel patch commithttps://git.kernel.org/stable/c/78f65fbf421a61894c14a1b91fe2fb4437b3fe5f
Frequently asked questions
-
What is CVE-2024-27056?
CVE-2024-27056 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . CVE-2024-27056 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
What is the CVSS score for CVE-2024-27056?
CVE-2024-27056 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. -
Is there a patch available for CVE-2024-27056?
No patch is currently available for CVE-2024-27056. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
-
Is CVE-2024-27056 actively exploited?
No — CVE-2024-27056 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.