Bug 1220686 (CVE-2021-47028) - VUL-0: CVE-2021-47028: kernel: mt76: mt7915: fix txrate reporting
Summary: VUL-0: CVE-2021-47028: kernel: mt76: mt7915: fix txrate reporting
Status: RESOLVED INVALID
Alias: CVE-2021-47028
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/395475/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-02-29 13:49 UTC by SMASH SMASH
Modified: 2024-05-28 11:41 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-02-29 13:49:46 UTC 
In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7915: fix txrate reporting

Properly check rate_info to fix unexpected reporting.

[ 1215.161863] Call trace:
[ 1215.164307]  cfg80211_calculate_bitrate+0x124/0x200 [cfg80211]
[ 1215.170139]  ieee80211s_update_metric+0x80/0xc0 [mac80211]
[ 1215.175624]  ieee80211_tx_status_ext+0x508/0x838 [mac80211]
[ 1215.181190]  mt7915_mcu_get_rx_rate+0x28c/0x8d0 [mt7915e]
[ 1215.186580]  mt7915_mac_tx_free+0x324/0x7c0 [mt7915e]
[ 1215.191623]  mt7915_queue_rx_skb+0xa8/0xd0 [mt7915e]
[ 1215.196582]  mt76_dma_cleanup+0x7b0/0x11d0 [mt76]
[ 1215.201276]  __napi_poll+0x38/0xf8
[ 1215.204668]  napi_workfn+0x40/0x80
[ 1215.208062]  process_one_work+0x1fc/0x390
[ 1215.212062]  worker_thread+0x48/0x4d0
[ 1215.215715]  kthread+0x120/0x128
[ 1215.218935]  ret_from_fork+0x10/0x1c

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47028
https://git.kernel.org/stable/c/4bd926e5ca88eac4d95eacb806b229f8729bc62e
https://git.kernel.org/stable/c/dfc8a71448c7d4fec38fb22bdc8a76d79c14b6da
https://git.kernel.org/stable/c/f43b941fd61003659a3f0e039595e5e525917aa8
https://www.cve.org/CVERecord?id=CVE-2021-47028
Comment 1 Gabriele Sonnu 2024-02-29 14:03:24 UTC 
All affected branches already contain the fix. Closing.
Comment 4 Carlos López 2024-05-28 11:41:50 UTC 
Done, closing.