CVE-2024-26897

wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

References

https://cve.org/CVERecord/?id=CVE-2024-26897

Notes

 carnil> Introduced in 8b3046abc99e ("ath9k_htc: fix NULL pointer dereference at
 carnil> ath9k_htc_tx_get_packet()"). Vulnerable versions: 5.10.136 5.15.17 5.16.3
 carnil> 5.17-rc1.

Bugs

Status

Branch	Status
4.19-buster-security	N/A "Vulnerable code not present"
4.19-upstream-stable	N/A "Vulnerable code not present"
5.10-bullseye-security	released (5.10.216-1)
5.10-upstream-stable	released (5.10.214) [1bc5461a21c56a36e2a7d81e152b90ce019a3905]
6.1-bookworm-security	released (6.1.85-1)
6.1-upstream-stable	released (6.1.83) [74d0639261dd795dce958d1b14815bdcbb48a715]
6.6-upstream-stable	released (6.6.23) [a015fbf698c8957aa5fbeefc5c59dd2cf3107298]
6.8-upstream-stable	released (6.8.2) [4afa0246656d5680c8a4c3fb37ba6570c4ab819b]
sid	released (6.7.12-1)
upstream	released (6.9-rc1) [24355fcb0d4cbcb6ddda262596558e8cfba70f11]