CVE-2024-43842

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-43842
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43842.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-43842
Downstream
Related
Published
2024-08-17T09:21:57Z
Modified
2025-10-22T01:30:46.116727Z
Summary
wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw89: Fix array index mistake in rtw89stainfogetiter()

In rtw89stainfogetiter() 'status->hegi' is compared to array size. But then 'rate->hegi' is used as array index instead of 'status->hegi'. This can lead to go beyond array boundaries in case of 'rate->hegi' is not equal to 'status->he_gi' and is bigger than array size. Looks like "copy-paste" mistake.

Fix this mistake by replacing 'rate->hegi' with 'status->hegi'.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd
Fixed
a2a095c08b95372d6d0c5819b77f071af5e75366
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd
Fixed
7a0edc3d83aff3a48813d78c9cad9daf38decc74
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd
Fixed
96ae4de5bc4c8ba39fd072369398f59495b73f58
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd
Fixed
85099c7ce4f9e64c66aa397cd9a37473637ab891

Affected versions

v5.*

v5.15
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.100
v6.1.101
v6.1.102
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.1.91
v6.1.92
v6.1.93
v6.1.94
v6.1.95
v6.1.96
v6.1.97
v6.1.98
v6.1.99
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@85099c7ce4f9e64c66aa397cd9a37473637ab891",
        "id": "CVE-2024-43842-0b72bdbc",
        "deprecated": false,
        "target": {
            "file": "drivers/net/wireless/realtek/rtw89/debug.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "243560542029618654311372780178876366013",
                "304481900217710687285973060925556094402",
                "71656796752426926555833673120385440949",
                "250235455543378749507943441279721566309"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7a0edc3d83aff3a48813d78c9cad9daf38decc74",
        "id": "CVE-2024-43842-2bea1220",
        "deprecated": false,
        "target": {
            "file": "drivers/net/wireless/realtek/rtw89/debug.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "243560542029618654311372780178876366013",
                "304481900217710687285973060925556094402",
                "234435223840660178706802459207356991944",
                "42944050759841614637569552802593809494"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a2a095c08b95372d6d0c5819b77f071af5e75366",
        "id": "CVE-2024-43842-6b067c57",
        "deprecated": false,
        "target": {
            "file": "drivers/net/wireless/realtek/rtw89/debug.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "243560542029618654311372780178876366013",
                "304481900217710687285973060925556094402",
                "234435223840660178706802459207356991944",
                "326194712350965534027802646538656094005"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@96ae4de5bc4c8ba39fd072369398f59495b73f58",
        "id": "CVE-2024-43842-93a96e33",
        "deprecated": false,
        "target": {
            "file": "drivers/net/wireless/realtek/rtw89/debug.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "243560542029618654311372780178876366013",
                "304481900217710687285973060925556094402",
                "71656796752426926555833673120385440949",
                "250235455543378749507943441279721566309"
            ]
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.103
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.44
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.3