CVE-2024-43847

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/8126f82dab7bd8b2e04799342b19fff0a1fd8575", "name": "https://git.kernel.org/stable/c/8126f82dab7bd8b2e04799342b19fff0a1fd8575", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/36fc66a7d9ca3e5c6eac25362cac63f83df8bed6", "name": "https://git.kernel.org/stable/c/36fc66a7d9ca3e5c6eac25362cac63f83df8bed6", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/073f9f249eecd64ab9d59c91c4a23cfdcc02afe4", "name": "https://git.kernel.org/stable/c/073f9f249eecd64ab9d59c91c4a23cfdcc02afe4", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix invalid memory access while processing fragmented packets\n\nThe monitor ring and the reo reinject ring share the same ring mask index.\nWhen the driver receives an interrupt for the reo reinject ring, the\nmonitor ring is also processed, leading to invalid memory access. Since\nmonitor support is not yet enabled in ath12k, the ring mask for the monitor\nring should be removed.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.1.1-00209-QCAHKSWPL_SILICONZ-1"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-43847", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}}, "publishedDate": "2024-08-17T10:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.10.3", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.44", "versionStartIncluding": "6.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-10-25T19:55Z"}