Linux Kernel iwlwifi Driver 6E Command Handling Vulnerability on AX201

A vulnerability in the Linux kernel's iwlwifi driver for Intel wireless devices has been addressed. The issue arose because the driver was sending a command related to Wi-Fi 6E support to devices that do not actually support it, specifically the AX201 model. This mismatch caused the firmware to crash. The problem occurred because the firmware incorrectly advertised 6E support for the AX201 device.

Impact

The vulnerability could lead to a firmware crash on affected devices.

Reproduction

The vulnerability can be reproduced on an Intel AX201 device running a version of the Linux kernel prior to the patch. When the iwlwifi driver is loaded, it will send the MCC_ALLOWED_AP_TYPE_CMD command, which is related to Wi-Fi 6E support, despite the fact that the AX201 does not support 6E. This will cause the firmware to crash.

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been fixed. The specific commit that addresses this issue is 323156c3541e23da7e582008a7ac30cd51b60acd.