cve/2024/CVE-2024-56543.md
2025-09-29 21:09:30 +02:00


### [CVE-2024-56543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56543)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=d889913205cf7ebda905b1e62c5867ed4e39f6c2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)
### Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: Skip Rx TID cleanup for self peer

During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup.

When core halts, dp cleanup is done for all the peers. While cleanup, rx_tid::ab is accessed which causes below stack trace for self peer.

```
WARNING: CPU: 6 PID: 12297 at drivers/net/wireless/ath/ath12k/dp_rx.c:851
Call Trace:
__warn+0x7b/0x1a0
ath12k_dp_rx_frags_cleanup+0xd2/0xe0 [ath12k]
report_bug+0x10b/0x200
handle_bug+0x3f/0x70
exc_invalid_op+0x13/0x60
asm_exc_invalid_op+0x16/0x20
ath12k_dp_rx_frags_cleanup+0xd2/0xe0 [ath12k]
ath12k_dp_rx_frags_cleanup+0xca/0xe0 [ath12k]
ath12k_dp_rx_peer_tid_cleanup+0x39/0xa0 [ath12k]
ath12k_mac_peer_cleanup_all+0x61/0x100 [ath12k]
ath12k_core_halt+0x3b/0x100 [ath12k]
ath12k_core_reset+0x494/0x4c0 [ath12k]
```

sta object in peer will be updated when remote peer is created. Hence use peer::sta to detect the self peer and skip the cleanup.

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1

Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3
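
A simplified user-space model of the bug and fix described above, added here as an example and not taken from the ath12k driver. All struct and function names are hypothetical stand-ins, and the model assumes the warning comes from the self peer's `rx_tid` entries never having `ab` set because dp setup did not run for it.

```c
#include <stdio.h>
#define NUM_TIDS 4  /* constructed value for this model */

struct ab  { int id; };   /* stand-in for the driver's base object */
struct sta { int aid; };  /* stand-in for the station object */
struct rx_tid { struct ab *ab; int frags; };
struct peer {
    struct sta *sta;      /* set only when a remote peer is created */
    struct rx_tid rx_tid[NUM_TIDS];
};

/* dp setup: done for remote peers only, so the self peer keeps ab == NULL */
static void peer_dp_setup(struct peer *p, struct ab *ab, struct sta *sta) {
    p->sta = sta;
    for (int i = 0; i < NUM_TIDS; i++) {
        p->rx_tid[i].ab = ab;
        p->rx_tid[i].frags = 1;
    }
}

/* Returns -1 where this model stands in for the kernel warning. */
static int rx_frags_cleanup(struct rx_tid *t) {
    if (!t->ab)
        return -1;
    t->frags = 0;
    return 0;
}

/* Halt-time cleanup over all peers; skip_self models the fix. */
static int peer_cleanup_all(struct peer *peers, int n, int skip_self) {
    int warnings = 0;
    for (int k = 0; k < n; k++) {
        if (skip_self && !peers[k].sta)
            continue;     /* no sta: self peer, dp setup never ran */
        for (int i = 0; i < NUM_TIDS; i++)
            warnings += rx_frags_cleanup(&peers[k].rx_tid[i]) < 0;
    }
    return warnings;
}

/* One self peer plus one remote peer; returns the warning count. */
int run_halt(int skip_self) {
    struct ab ab = { 1 };
    struct sta sta = { 7 };
    struct peer peers[2] = { 0 };   /* peers[0] is the self peer */
    peer_dp_setup(&peers[1], &ab, &sta);
    return peer_cleanup_all(peers, 2, skip_self);
}

int main(void) { printf("%d %d\n", run_halt(0), run_halt(1)); return 0; }
```

Without the `sta` check the model reports one warning per TID for the self peer; with it, the self peer is skipped and the remote peer is still cleaned up.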
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/cku-heise/euvd-api-doc