Fixed
Created: Apr 10, 2024
Updated: Dec 2, 2024
Resolved Date: Dec 2, 2024
Found In Version: 10.21.20.1
Fix Version: 10.21.20.8
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
If the userspace tools switch from NL80211_IFTYPE_P2P_GO to
NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it
does not call the cleanup cfg80211_stop_ap(), this leads to the
initialization of in-use data. For example, this path re-init the
sdata->assigned_chanctx_list while it is still an element of
assigned_vifs list, and makes that linked list corrupt.
CREATE(Triage):(User=admin) CVE-2021-47194 (https://nvd.nist.gov/vuln/detail/CVE-2021-47194)
