{"id":"CVE-2024-27391","summary":"wifi: wilc1000: do not realloc workqueue everytime an interface is added","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: do not realloc workqueue everytime an interface is added\n\nCommit 09ed8bfc5215 (\"wilc1000: Rename workqueue from \"WILC_wq\" to\n\"NETDEV-wq\"\") moved workqueue creation in wilc_netdev_ifc_init in order to\nset the interface name in the workqueue name. However, while the driver\nneeds only one workqueue, the wilc_netdev_ifc_init is called each time we\nadd an interface over a phy, which in turns overwrite the workqueue with a\nnew one. This can be observed with the following commands:\n\nfor i in $(seq 0 10)\ndo\n  iw phy phy0 interface add wlan1 type managed\n  iw dev wlan1 del\ndone\nps -eo pid,comm|grep wlan\n\n 39 kworker/R-wlan0\n 98 kworker/R-wlan1\n102 kworker/R-wlan1\n105 kworker/R-wlan1\n108 kworker/R-wlan1\n111 kworker/R-wlan1\n114 kworker/R-wlan1\n117 kworker/R-wlan1\n120 kworker/R-wlan1\n123 kworker/R-wlan1\n126 kworker/R-wlan1\n129 kworker/R-wlan1\n\nFix this leakage by putting back hif_workqueue allocation in\nwilc_cfg80211_init. Regarding the workqueue name, it is indeed relevant to\nset it lowercase, however it is not  attached to a specific netdev, so\nenforcing netdev name in the name is not so relevant. Still, enrich the\nname with the wiphy name to make it clear which phy is using the workqueue.","modified":"2026-04-02T10:07:56.828007Z","published":"2024-05-01T13:05:16.396Z","related":["SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27391.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/328efda22af81130c2ad981c110518cb29ff2f1d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4041c60a9d543b3ad50225385b072ba68e96166e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/515cc676dfbce40d93c92b1ff3c1070e917f4e52"},{"type":"WEB","url":"https://git.kernel.org/stable/c/90ae293d1d255f622318fce6eeea2e18f9fde5c1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9ab0c303ccabfd6bdce14432792d41090070008c"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27391.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27391"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"09ed8bfc5215ad5aac91c50008277b5586b9ef24"},{"fixed":"515cc676dfbce40d93c92b1ff3c1070e917f4e52"},{"fixed":"4041c60a9d543b3ad50225385b072ba68e96166e"},{"fixed":"90ae293d1d255f622318fce6eeea2e18f9fde5c1"},{"fixed":"9ab0c303ccabfd6bdce14432792d41090070008c"},{"fixed":"328efda22af81130c2ad981c110518cb29ff2f1d"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27391.json"}}],"schema_version":"1.7.5"}