{ "threat_severity" : "Moderate", "public_date" : "2024-05-17T00:00:00Z", "bugzilla" : { "description" : "kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK", "id" : "2281133", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2281133" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nwifi: iwlwifi: mvm: don't set the MFP flag for the GTK\nThe firmware doesn't need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible.", "CVE-2024-27434 is a flaw in the Linux kernel’s iwlwifi driver related to handling Management Frame Protection (MFP) in certain Wi-Fi configurations. When connecting to an access point using TKIP as the group cipher, the driver incorrectly applies the MFP flag to the Group Temporal Key (GTK), which is not supported in this context. This can result in firmware crashes and instability. The issue has been fixed by ensuring the driver does not set the MFP flag for incompatible group ciphers like TKIP. Updating to a patched kernel version is recommended to resolve this vulnerability." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2024-08-08T00:00:00Z", "advisory" : "RHSA-2024:5102", "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv", "package" : "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2024-08-08T00:00:00Z", "advisory" : "RHSA-2024:5101", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-553.16.1.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-08-15T00:00:00Z", "advisory" : "RHSA-2024:5363", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-427.31.1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-08-15T00:00:00Z", "advisory" : "RHSA-2024:5363", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-427.31.1.el9_4" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-27434\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27434\nhttps://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-27434-ac61@gregkh/T" ], "name" : "CVE-2024-27434", "csaw" : false }