Bug 1222433 (CVE-2024-26682)

Summary: VUL-0: CVE-2024-26682: kernel: wifi: mac80211: improve CSA/ECSA connection refusal
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Kernel Bugs <kernel-bugs>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: rfrohl
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/399989/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-26682:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-04-08 07:37:51 UTC 
In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: improve CSA/ECSA connection refusal

As mentioned in the previous commit, we pretty quickly found
that some APs have ECSA elements stuck in their probe response,
so using that to not attempt to connect while CSA is happening
we never connect to such an AP.

Improve this situation by checking more carefully and ignoring
the ECSA if cfg80211 has previously detected the ECSA element
being stuck in the probe response.

Additionally, allow connecting to an AP that's switching to a
channel it's already using, unless it's using quiet mode. In
this case, we may just have to adjust bandwidth later. If it's
actually switching channels, it's better not to try to connect
in the middle of that.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26682
https://www.cve.org/CVERecord?id=CVE-2024-26682
https://git.kernel.org/stable/c/35e2385dbe787936c793d70755a5177d267a40aa
https://git.kernel.org/stable/c/ea88bde8e3fefbe4268f6991375dd629895a090a
https://bugzilla.redhat.com/show_bug.cgi?id=2272846
Comment 1 Robert Frohl 2024-04-08 07:42:34 UTC 
does not affect any SUSE kernels, closing