CVE-2024-56539

wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following warning on a MT8173 Chromebook (mt8173-elm-hana): [ 356.775250] ------------[ cut here ]------------ [ 356.784543] memcpy: detected field-spanning write (size 6) of single field "wildcard_ssid_tlv->ssid" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1) [ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex] The "(size 6)" above is exactly the length of the SSID of the network this device was connected to. The source of the warning looks like: ssid_len = user_scan_in->ssid_list[i].ssid_len; [...] memcpy(wildcard_ssid_tlv->ssid, user_scan_in->ssid_list[i].ssid, ssid_len); There is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this struct, but it already didn't account for the size of the one-element array, so it doesn't need to be changed.

N/A
CVSS
Severity:
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/a09760c513ae0f98c7082a1deace7fb6284ee866
https://git.kernel.org/stable/c/1de0ca1d7320a645ba2ee5954f64be08935b002a
https://git.kernel.org/stable/c/5fa329c44e1e635da2541eab28b6cdb8464fc8d1
https://git.kernel.org/stable/c/581261b2d6fdb4237b24fa13f5a5f87bf2861f2c
https://git.kernel.org/stable/c/b466746cfb6be43f9a1457bbee52ade397fb23ea
https://git.kernel.org/stable/c/c4698ef8c42e02782604bf4f8a489dbf6b0c1365
https://git.kernel.org/stable/c/e2de22e4b6213371d9e76f74a10ce817572a8d74
https://git.kernel.org/stable/c/d7774910c5583e61c5fe2571280366624ef48036
https://git.kernel.org/stable/c/d241a139c2e9f8a479f25c75ebd5391e6a448500

Frequently Asked Questions

What is the severity of CVE-2024-56539?
CVE-2024-56539 has not yet been assigned a CVSS score.
How to fix CVE-2024-56539?
To fix CVE-2024-56539, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-56539 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-56539 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-56539?
CVE-2024-56539 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.