{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-27391","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-25T13:47:42.677Z","datePublished":"2024-05-01T13:05:16.396Z","dateUpdated":"2025-05-04T09:03:58.573Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:03:58.573Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: do not realloc workqueue everytime an interface is added\n\nCommit 09ed8bfc5215 (\"wilc1000: Rename workqueue from \"WILC_wq\" to\n\"NETDEV-wq\"\") moved workqueue creation in wilc_netdev_ifc_init in order to\nset the interface name in the workqueue name. However, while the driver\nneeds only one workqueue, the wilc_netdev_ifc_init is called each time we\nadd an interface over a phy, which in turns overwrite the workqueue with a\nnew one. This can be observed with the following commands:\n\nfor i in $(seq 0 10)\ndo\n  iw phy phy0 interface add wlan1 type managed\n  iw dev wlan1 del\ndone\nps -eo pid,comm|grep wlan\n\n 39 kworker/R-wlan0\n 98 kworker/R-wlan1\n102 kworker/R-wlan1\n105 kworker/R-wlan1\n108 kworker/R-wlan1\n111 kworker/R-wlan1\n114 kworker/R-wlan1\n117 kworker/R-wlan1\n120 kworker/R-wlan1\n123 kworker/R-wlan1\n126 kworker/R-wlan1\n129 kworker/R-wlan1\n\nFix this leakage by putting back hif_workqueue allocation in\nwilc_cfg80211_init. Regarding the workqueue name, it is indeed relevant to\nset it lowercase, however it is not  attached to a specific netdev, so\nenforcing netdev name in the name is not so relevant. Still, enrich the\nname with the wiphy name to make it clear which phy is using the workqueue."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/microchip/wilc1000/cfg80211.c","drivers/net/wireless/microchip/wilc1000/netdev.c"],"versions":[{"version":"09ed8bfc5215ad5aac91c50008277b5586b9ef24","lessThan":"515cc676dfbce40d93c92b1ff3c1070e917f4e52","status":"affected","versionType":"git"},{"version":"09ed8bfc5215ad5aac91c50008277b5586b9ef24","lessThan":"4041c60a9d543b3ad50225385b072ba68e96166e","status":"affected","versionType":"git"},{"version":"09ed8bfc5215ad5aac91c50008277b5586b9ef24","lessThan":"90ae293d1d255f622318fce6eeea2e18f9fde5c1","status":"affected","versionType":"git"},{"version":"09ed8bfc5215ad5aac91c50008277b5586b9ef24","lessThan":"9ab0c303ccabfd6bdce14432792d41090070008c","status":"affected","versionType":"git"},{"version":"09ed8bfc5215ad5aac91c50008277b5586b9ef24","lessThan":"328efda22af81130c2ad981c110518cb29ff2f1d","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/microchip/wilc1000/cfg80211.c","drivers/net/wireless/microchip/wilc1000/netdev.c"],"versions":[{"version":"5.17","status":"affected"},{"version":"0","lessThan":"5.17","status":"unaffected","versionType":"semver"},{"version":"6.1.83","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.23","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7.11","lessThanOrEqual":"6.7.*","status":"unaffected","versionType":"semver"},{"version":"6.8.2","lessThanOrEqual":"6.8.*","status":"unaffected","versionType":"semver"},{"version":"6.9","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.1.83"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.6.23"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.7.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.8.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/515cc676dfbce40d93c92b1ff3c1070e917f4e52"},{"url":"https://git.kernel.org/stable/c/4041c60a9d543b3ad50225385b072ba68e96166e"},{"url":"https://git.kernel.org/stable/c/90ae293d1d255f622318fce6eeea2e18f9fde5c1"},{"url":"https://git.kernel.org/stable/c/9ab0c303ccabfd6bdce14432792d41090070008c"},{"url":"https://git.kernel.org/stable/c/328efda22af81130c2ad981c110518cb29ff2f1d"}],"title":"wifi: wilc1000: do not realloc workqueue everytime an interface is added","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-27391","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-01T15:19:57.671573Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-05T17:22:45.010Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T00:34:52.229Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/515cc676dfbce40d93c92b1ff3c1070e917f4e52","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/4041c60a9d543b3ad50225385b072ba68e96166e","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/90ae293d1d255f622318fce6eeea2e18f9fde5c1","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/9ab0c303ccabfd6bdce14432792d41090070008c","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/328efda22af81130c2ad981c110518cb29ff2f1d","tags":["x_transferred"]}]}]}}