SB2024060825 - Buffer overflow in Linux kernel ti wl1251 driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: CVE-2021-47347)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the wl1251_cmd_scan() function in drivers/net/wireless/ti/wl1251/cmd.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/57ad99ae3c6738ba87bad259bb57c641ca68ebf6
• https://git.kernel.org/stable/c/d3d8b9c9c7843dce31e284927d4c9904fd5a510a
• https://git.kernel.org/stable/c/0f6c0488368c9ac1aa685821916fadba32f5d1ef
• https://git.kernel.org/stable/c/115103f6e3f1c26c473766c16439c7c8b235529a
• https://git.kernel.org/stable/c/d71dddeb5380613f9ef199f3e7368fd78fb1a46e
• https://git.kernel.org/stable/c/c5e4a10d7bd5d4f419d8b9705dff60cf69b302a1
• https://git.kernel.org/stable/c/302e2ee34c5f7c5d805b7f835d9a6f2b43474e2a
• https://git.kernel.org/stable/c/40af3960a15339e8bbd3be50c3bc7b35e1a0b6ea
• https://git.kernel.org/stable/c/d10a87a3535cce2b890897914f5d0d83df669c63
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.240
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.18
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.133