{"id":"CVE-2024-56539","summary":"wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[  356.775250] ------------[ cut here ]------------\n[  356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[  356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n    ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n    [...]\n    memcpy(wildcard_ssid_tlv-\u003essid,\n           user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn't account for the size of the one-element\narray, so it doesn't need to be changed.","modified":"2026-03-20T12:39:49.246183Z","published":"2024-12-27T14:11:21.487Z","related":["SUSE-SU-2025:0117-1","SUSE-SU-2025:0152-1","SUSE-SU-2025:0153-1","SUSE-SU-2025:0154-1","SUSE-SU-2025:0201-1","SUSE-SU-2025:0201-2","SUSE-SU-2025:0202-1","SUSE-SU-2025:0203-1","SUSE-SU-2025:0229-1","SUSE-SU-2025:0230-1","SUSE-SU-2025:0231-1","SUSE-SU-2025:0289-1","SUSE-SU-2025:0565-1","SUSE-SU-2025:0603-1","SUSE-SU-2025:0784-1","SUSE-SU-2025:0833-1","SUSE-SU-2025:0833-2","SUSE-SU-2025:0834-1","SUSE-SU-2025:0835-1","SUSE-SU-2025:0847-1","SUSE-SU-2025:0853-1","SUSE-SU-2025:0855-1","SUSE-SU-2025:0856-1","SUSE-SU-2025:0867-1","SUSE-SU-2025:0945-1","SUSE-SU-2025:0955-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20190-1","SUSE-SU-2025:20192-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","SUSE-SU-2025:20260-1","SUSE-SU-2025:20270-1","USN-7276-1","USN-7277-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56539.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1de0ca1d7320a645ba2ee5954f64be08935b002a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/581261b2d6fdb4237b24fa13f5a5f87bf2861f2c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5fa329c44e1e635da2541eab28b6cdb8464fc8d1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a09760c513ae0f98c7082a1deace7fb6284ee866"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b466746cfb6be43f9a1457bbee52ade397fb23ea"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c4698ef8c42e02782604bf4f8a489dbf6b0c1365"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d241a139c2e9f8a479f25c75ebd5391e6a448500"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d7774910c5583e61c5fe2571280366624ef48036"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e2de22e4b6213371d9e76f74a10ce817572a8d74"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56539.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56539"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5e6e3a92b9a4c9416b17f468fa5c7fa2233b8b4e"},{"fixed":"a09760c513ae0f98c7082a1deace7fb6284ee866"},{"fixed":"1de0ca1d7320a645ba2ee5954f64be08935b002a"},{"fixed":"5fa329c44e1e635da2541eab28b6cdb8464fc8d1"},{"fixed":"581261b2d6fdb4237b24fa13f5a5f87bf2861f2c"},{"fixed":"b466746cfb6be43f9a1457bbee52ade397fb23ea"},{"fixed":"c4698ef8c42e02782604bf4f8a489dbf6b0c1365"},{"fixed":"e2de22e4b6213371d9e76f74a10ce817572a8d74"},{"fixed":"d7774910c5583e61c5fe2571280366624ef48036"},{"fixed":"d241a139c2e9f8a479f25c75ebd5391e6a448500"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56539.json"}}],"schema_version":"1.7.5"}