
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2024-26683 affects the Linux kernel's WiFi functionality, specifically the cfg80211 subsystem. The issue arose after a validation check was added to prevent connections to access points (APs) that are in the middle of a channel switch. This validation inadvertently caused connection failures with APs that permanently advertise an extended channel switch announcement (ECSA). The issue was specifically identified with an Asus RT-AC53 router running firmware version 3.0.0.4.380_10760-g21a5898 (Kernel Git).
The vulnerability stems from a recent addition to the Linux kernel that validates whether an AP is in a channel switch process before attempting to connect. The validation was implemented to prevent connections during quiet periods or when the switch timing might interfere with the connection process. However, some APs, particularly the Asus RT-AC53, were found to permanently advertise an extended channel switch announcement (ECSA) with quiet mode enabled, leading to connection failures. The fix involves detecting stuck ECSA elements in probe responses to handle such situations appropriately (Kernel Git).
The vulnerability results in connection failures when attempting to connect to wireless access points that have a stuck ECSA element in their probe responses. This primarily affects users trying to connect to affected APs, such as the Asus RT-AC53 with specific firmware versions, preventing successful wireless connections (Kernel Git).
The issue has been resolved in the Linux kernel through patches that detect stuck ECSA elements in probe responses. The fix involves adding functionality to identify when an AP is advertising a permanent ECSA element and handling such cases appropriately (Kernel Git).
Source: This report was generated using AI
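The fix described above depends on telling a permanently advertised ECSA element apart from a live channel switch. The C code below is an added example, not the kernel patch or code from this report: it assumes a heuristic in which an ECSA element that is byte-identical in two probe responses received at least one beacon interval apart is treated as stuck, and the function names and sample frames are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EID_EXT_CHANSWITCH_ANN 60 /* 802.11 ECSA element ID */
#define ECSA_LEN 4 /* switch mode, operating class, new channel, switch count */

/* Return the 4-byte ECSA body in a TLV element buffer, or NULL if absent/malformed. */
static const uint8_t *find_ecsa(const uint8_t *ies, size_t len)
{
    size_t pos = 0;
    while (pos + 2 <= len) {
        uint8_t id = ies[pos], elen = ies[pos + 1];
        if (pos + 2 + elen > len)
            return NULL; /* element length runs past the buffer */
        if (id == EID_EXT_CHANSWITCH_ANN && elen == ECSA_LEN)
            return ies + pos + 2;
        pos += 2 + (size_t)elen;
    }
    return NULL;
}

/* Assumed heuristic (not the kernel's code): a live switch counts down between
 * beacons, so an ECSA body that is unchanged after at least one beacon interval
 * is considered stuck. Times are in 802.11 time units. Returns 1 if stuck. */
int ecsa_is_stuck(const uint8_t *prev, size_t prev_len,
                  const uint8_t *cur, size_t cur_len,
                  unsigned elapsed_tu, unsigned beacon_interval_tu)
{
    const uint8_t *a = find_ecsa(prev, prev_len);
    const uint8_t *b = find_ecsa(cur, cur_len);
    if (!a || !b || elapsed_tu < beacon_interval_tu)
        return 0; /* no ECSA in one frame, or too soon to judge */
    return memcmp(a, b, ECSA_LEN) == 0;
}

/* Constructed probe-response elements: SSID "lab", then ECSA
 * (mode 1 = quiet, operating class 81, channel 6, switch count). */
static const uint8_t resp_a[]    = {0, 3, 'l', 'a', 'b', 60, 4, 1, 81, 6, 5};
static const uint8_t resp_same[] = {0, 3, 'l', 'a', 'b', 60, 4, 1, 81, 6, 5};
static const uint8_t resp_live[] = {0, 3, 'l', 'a', 'b', 60, 4, 1, 81, 6, 2};

int main(void)
{
    printf("identical ECSA: stuck=%d\n", ecsa_is_stuck(resp_a, sizeof resp_a, resp_same, sizeof resp_same, 300, 100));
    printf("count moved:    stuck=%d\n", ecsa_is_stuck(resp_a, sizeof resp_a, resp_live, sizeof resp_live, 300, 100));
    return 0;
}
```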