{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-49938","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-10-21T12:17:06.042Z","datePublished":"2024-10-21T18:01:58.359Z","dateUpdated":"2026-01-05T10:54:32.382Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-01-05T10:54:32.382Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n\nSyzbot points out that skb_trim() has a sanity check on the existing length of\nthe skb, which can be uninitialised in some error paths. The intent here is\nclearly just to reset the length to zero before resubmitting, so switch to\ncalling __skb_set_length(skb, 0) directly. In addition, __skb_set_length()\nalready contains a call to skb_reset_tail_pointer(), so remove the redundant\ncall.\n\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there's a similar\nusage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we're at it."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/ath/ath9k/hif_usb.c"],"versions":[{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"e6b9bf32e0695e4f374674002de0527d2a6768eb","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"d1f2fbc6a769081503f6ffedbb5cd1ac497f0e77","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"b02eb7c86ff2ef1411c3095ec8a52b13f68db04f","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"012ae530afa0785102360de452745d33c99a321b","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"6a875220670475d9247e576c15dc29823100a4e4","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"e37e348835032d6940ec89308cc8996ded691d2d","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"2c230210ec0ae6ed08306ac70dc21c24b817bb95","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"a9f4e28e8adaf0715bd4e01462af0a52ee46b01f","status":"affected","versionType":"git"},{"version":"fb9987d0f748c983bb795a86f47522313f701a08","lessThan":"94745807f3ebd379f23865e6dab196f220664179","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/ath/ath9k/hif_usb.c"],"versions":[{"version":"2.6.35","status":"affected"},{"version":"0","lessThan":"2.6.35","status":"unaffected","versionType":"semver"},{"version":"4.19.323","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.285","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.227","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.168","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.113","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.55","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.14","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11.3","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"4.19.323"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"5.4.285"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"5.10.227"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"5.15.168"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.1.113"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.6.55"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.10.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.11.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/e6b9bf32e0695e4f374674002de0527d2a6768eb"},{"url":"https://git.kernel.org/stable/c/d1f2fbc6a769081503f6ffedbb5cd1ac497f0e77"},{"url":"https://git.kernel.org/stable/c/b02eb7c86ff2ef1411c3095ec8a52b13f68db04f"},{"url":"https://git.kernel.org/stable/c/012ae530afa0785102360de452745d33c99a321b"},{"url":"https://git.kernel.org/stable/c/6a875220670475d9247e576c15dc29823100a4e4"},{"url":"https://git.kernel.org/stable/c/e37e348835032d6940ec89308cc8996ded691d2d"},{"url":"https://git.kernel.org/stable/c/2c230210ec0ae6ed08306ac70dc21c24b817bb95"},{"url":"https://git.kernel.org/stable/c/a9f4e28e8adaf0715bd4e01462af0a52ee46b01f"},{"url":"https://git.kernel.org/stable/c/94745807f3ebd379f23865e6dab196f220664179"}],"title":"wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-49938","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-10-22T13:38:08.567983Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-22T13:38:50.969Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:23:23.575Z"}}]}}