Vulnerability Lookup

🛡️ CVE-2024-47713

🟡 CVSS 5.5 — Medium ✅ No Known Exploit NVD

5.5

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts enabled, the following backtrace: ieee80211_do_stop() ... spin_lock_irqsave(&local->queue_stop_reason_lock, flags) ... ieee80211_free_txskb() ieee80211_report_used_skb() ieee80211_report_ack_skb() cfg80211_mgmt_tx_status_ext() nl80211_frame_tx_status() genlmsg_multicast_netns() genlmsg_multicast_netns_filtered() nlmsg_multicast_filtered() netlink_broadcast_filtered() do_one_broadcast() netlink_broadcast_deliver() __netlink_sendskb() netlink_deliver_tap() __netlink_deliver_tap_skb() dev_queue_xmit() __dev_queue_xmit() ; with IRQS disabled ... spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags) issues the warning (as reported by syzbot reproducer): WARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120 Fix this by implementing a two-phase skb reclamation in 'ieee80211_do_stop()', where actual work is performed outside of a section with interrupts disabled.

Details

Severity MEDIUM

CVSS Score 5.5

CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE N/A

Public Exploit ✅ No

Source NVD

Published 2024-10-21

Updated 2026-06-02

Modified 2026-05-12

Fix URL https://git.kernel.org/stable/c/058c9026ad79dc98572442fd4c7e9a36aba6f596

Affected Packages

Software	From version	Fixed in
linux-kernel	6.11	6.11.2

References

https://git.kernel.org/stable/c/04f75f5bae33349283d6886901d9acd2f110c024

Patch https://git.kernel.org/stable/c/058c9026ad79dc98572442fd4c7e9a36aba6f596

https://git.kernel.org/stable/c/07eb0bd7b0a8abed9d45e0f567c9af1dc83e5268

Patch https://git.kernel.org/stable/c/9d301de12da6e1bb069a9835c38359b8e8135121

Patch https://git.kernel.org/stable/c/acb53a716e492a02479345157c43f21edc8bc64b

Patch https://git.kernel.org/stable/c/ad4b7068b101fbbb4a9ca4b99b25eb051a9482ec

Patch https://git.kernel.org/stable/c/db5ca4b42ccfa42d2af7b335ff12578e57775c02

Patch https://git.kernel.org/stable/c/eab272972cffff9cd973b8e4055a8e81c64f7e6a

Patch https://git.kernel.org/stable/c/f232916fab67ca1c3425926df4a866e59ff26908

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

https://cert-portal.siemens.com/productcert/html/ssa-355557.html

🔗 NVD 🔗 Mitre ✅ Fix / Advisory

Similar Threats

Patch Gap Protection

Running software with known vulnerabilities?

BotEraser can help reduce exposure by blocking IPs associated with exploit activity — even before a patch is available.

Start Free →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Running software with known vulnerabilities?

Company

Resources

Services

Trusted

Subscribe