Linux Kernel ath11k Peer ID Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ath11k wireless driver has been addressed. The issue arose because the driver failed to properly manage peer IDs when a station was disconnected, leading to a log message indicating that the peer with ID 0 could not be found. This problem occurred during the processing of monitoring status, particularly when a scan was conducted while the station was not connected. The root cause was traced to a previous commit that introduced a change in how status information was handled, leaving the peer ID improperly initialized. The vulnerability could result in misleading debug logs, but did not appear to have broader implications.

Impact

The vulnerability caused incorrect debug logging, which could lead to confusion during troubleshooting or monitoring processes. However, it did not seem to have any serious functional impact on the wireless driver or its performance.

Reproduction

The vulnerability could be reproduced by running a scan with a station disconnected. This would cause the peer ID to reset to 0, triggering the log message about the missing peer. The issue could be observed by monitoring the driver's debug output.

Remediation

The vulnerability has been fixed by updating the peer ID to a valid state after it is reset, ensuring that the monitoring process can correctly identify and manage peer connections.
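
The reset-then-lookup pattern described above, as an added user-space model that is not the ath11k driver's code. All names (mon_status, NO_PEER, run_scan and the rest) are hypothetical, and the model assumes the "valid state" is a reserved sentinel meaning that the status record carries no peer.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NO_PEER   0xFFFFu  /* hypothetical sentinel: record carries no peer */
#define MAX_PEERS 4
struct mon_status { uint16_t peer_id; uint32_t flags; };  /* hypothetical */
struct peer { uint16_t id; int in_use; };
static struct peer peers[MAX_PEERS];  /* all unused: station disconnected */

static struct peer *find_peer(uint16_t id)
{
    for (int i = 0; i < MAX_PEERS; i++)
        if (peers[i].in_use && peers[i].id == id)
            return &peers[i];
    return NULL;
}

/* Returns 1 when a lookup was attempted and failed (the debug-log case). */
static int process_status(const struct mon_status *st)
{
    return st->peer_id != NO_PEER && !find_peer(st->peer_id);
}

/* Before: zeroing leaves peer_id == 0, indistinguishable from a real ID. */
static void reset_buggy(struct mon_status *st) { memset(st, 0, sizeof(*st)); }
/* After: restore the sentinel once the record has been cleared. */
static void reset_fixed(struct mon_status *st)
{
    memset(st, 0, sizeof(*st));
    st->peer_id = NO_PEER;
}

/* Feed n scan status records with no station connected; count bad lookups. */
static int run_scan(void (*reset)(struct mon_status *), int n)
{
    int failures = 0;
    for (struct mon_status st; n > 0; n--) {
        reset(&st);
        failures += process_status(&st);
    }
    return failures;
}

int main(void)
{
    printf("buggy=%d fixed=%d\n", run_scan(reset_buggy, 3), run_scan(reset_fixed, 3));
    return 0;
}
```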

Added: Dec 9, 2025, 5:04 PM
Updated: Dec 9, 2025, 5:04 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.0
exploitability: 5.7
remediation: 7.7
relevance: 1.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.