SB2024070703 - Resource management error in Linux kernel ath ar5523 driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2024-38565)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ar5523_probe() function in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/79ddf5f2020fd593d50f1363bb5131283d74f78f
• https://git.kernel.org/stable/c/68a5a00c5d38978a3f8460c6f182f7beec8688ff
• https://git.kernel.org/stable/c/ee25389df80138907bc9dcdf4a2be2067cde9a81
• https://git.kernel.org/stable/c/b4c24de37a6bb383394a6fef2b85a6db41d426f5
• https://git.kernel.org/stable/c/34f7ebff1b9699e0b89fa58b693bc098c2f5ec72
• https://git.kernel.org/stable/c/b33a81e4ecfb022b028cae37d1c1ce28ac1b359d
• https://git.kernel.org/stable/c/beeed260b92af158592f5e8d2dab65dae45c6f70
• https://git.kernel.org/stable/c/7bbf76c9bb2c58375e183074e44f9712483f0603
• https://git.kernel.org/stable/c/e120b6388d7d88635d67dcae6483f39c37111850
• https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.316
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.161
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.278
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.93
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.12