Linux Kernel mac80211 S1G Action Frame Size Vulnerability

A vulnerability in the Linux kernel's mac80211 component has been addressed. The issue involved improper validation of the size of S1G action frames in Wi-Fi communications. Before evaluating the action code, the kernel now ensures that the action frame exists and is of the appropriate size. This vulnerability could potentially lead to incorrect handling of Wi-Fi action frames, which are crucial for managing various aspects of wireless communication.

Impact

The vulnerability could have allowed for improper processing of Wi-Fi action frames, potentially leading to issues in wireless communication management.

Reproduction

The vulnerability can be reproduced by sending S1G action frames that do not conform to the expected size requirements. This can be done using a tool like Syzkaller, which is mentioned in the context as having reported the issue.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit addressing this issue is available in the Linux kernel stable tree.