{"id":"CVE-2024-43841","summary":"wifi: virt_wifi: avoid reporting connection success with wrong SSID","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: virt_wifi: avoid reporting connection success with wrong SSID\n\nWhen user issues a connection with a different SSID than the one\nvirt_wifi has advertised, the __cfg80211_connect_result() will\ntrigger the warning: WARN_ON(bss_not_found).\n\nThe issue is because the connection code in virt_wifi does not\ncheck the SSID from user space (it only checks the BSSID), and\nvirt_wifi will call cfg80211_connect_result() with WLAN_STATUS_SUCCESS\neven if the SSID is different from the one virt_wifi has advertised.\nEventually cfg80211 won't be able to find the cfg80211_bss and generate\nthe warning.\n\nFixed it by checking the SSID (from user space) in the connection code.","modified":"2026-04-02T12:18:20.219456Z","published":"2024-08-17T09:21:56.517Z","related":["MGASA-2024-0309","MGASA-2024-0310","SUSE-SU-2024:3190-1","SUSE-SU-2024:3194-1","SUSE-SU-2024:3195-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3383-1","SUSE-SU-2024:3483-1","SUSE-SU-2025:20044-1","SUSE-SU-2025:20047-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43841.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/05c4488a0e446c6ccde9f22b573950665e1cd414"},{"type":"WEB","url":"https://git.kernel.org/stable/c/36e92b5edc8e0daa18e9325674313802ce3fbc29"},{"type":"WEB","url":"https://git.kernel.org/stable/c/416d3c1538df005195721a200b0371d39636e05d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/93e898a264b4e0a475552ba9f99a016eb43ef942"},{"type":"WEB","url":"https://git.kernel.org/stable/c/994fc2164a03200c3bf42fb45b3d49d9d6d33a4d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b5d14b0c6716fad7f0c94ac6e1d6f60a49f985c7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d3cc85a10abc8eae48988336cdd3689ab92581b3"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43841.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43841"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c7cdba31ed8b87526db978976392802d3f93110c"},{"fixed":"994fc2164a03200c3bf42fb45b3d49d9d6d33a4d"},{"fixed":"05c4488a0e446c6ccde9f22b573950665e1cd414"},{"fixed":"93e898a264b4e0a475552ba9f99a016eb43ef942"},{"fixed":"d3cc85a10abc8eae48988336cdd3689ab92581b3"},{"fixed":"36e92b5edc8e0daa18e9325674313802ce3fbc29"},{"fixed":"416d3c1538df005195721a200b0371d39636e05d"},{"fixed":"b5d14b0c6716fad7f0c94ac6e1d6f60a49f985c7"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43841.json"}}],"schema_version":"1.7.5"}