#VU92370 Input validation error in Linux kernel - CVE-2024-38567

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the carl9170_usb_probe() function in drivers/net/wireless/ath/carl9170/usb.c. A local user can perform a denial of service (DoS) attack.

Remediation

External links

• https://git.kernel.org/stable/c/eb0f2fc3ff5806cc572cd9055ce7c52a01e97645
• https://git.kernel.org/stable/c/ac3ed46a8741d464bc70ebdf7433c1d786cf329d
• https://git.kernel.org/stable/c/8650725bb0a48b206d5a8ddad3a7488f9a5985b7
• https://git.kernel.org/stable/c/6a9892bf24c906b4d6b587f8759ca38bff672582
• https://git.kernel.org/stable/c/265c3cda471c26e0f25d0c755da94e1eb15d7a0c
• https://git.kernel.org/stable/c/62eb07923f3693d55b0c2d9a5a4f1ad72cb6b8fd
• https://git.kernel.org/stable/c/03ddc74bdfd71b84a55c9f2185d8787f258422cd
• https://git.kernel.org/stable/c/0fa08a55201ab9be72bacb8ea93cf752d338184f
• https://git.kernel.org/stable/c/b6dd09b3dac89b45d1ea3e3bd035a3859c0369a0
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.316
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.161
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.278
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.93
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.12