{"id":"CVE-2024-27434","summary":"wifi: iwlwifi: mvm: don't set the MFP flag for the GTK","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't set the MFP flag for the GTK\n\nThe firmware doesn't need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible.","modified":"2026-04-02T10:07:58.206783Z","published":"2024-05-17T12:08:50.896Z","related":["ALSA-2024:5102","ALSA-2024:5363","SUSE-SU-2024:2135-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20249-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27434.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/40405cbb20eb6541c603e7b3d54ade0a7be9d715"},{"type":"WEB","url":"https://git.kernel.org/stable/c/60f6d5fc84a9fd26528a24d8a267fc6a6698b628"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e35f316bce9e5733c9826120c1838f4c447b2c4c"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27434.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27434"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5c75a208c2449c6ea24f07610cc052f6a352246c"},{"fixed":"b4f1b0b3b91762edd19bf9d3b2e4c3a0740501f8"},{"fixed":"40405cbb20eb6541c603e7b3d54ade0a7be9d715"},{"fixed":"60f6d5fc84a9fd26528a24d8a267fc6a6698b628"},{"fixed":"e35f316bce9e5733c9826120c1838f4c447b2c4c"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27434.json"}}],"schema_version":"1.7.5"}