CVE-2024-56543: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56543 affects the Linux kernel's ath12k WiFi driver. The vulnerability was discovered and disclosed on December 27, 2024, and involves an issue where the Rx TID cleanup process for self peer in the WiFi subsystem could cause system warnings and potential stability issues. The vulnerability specifically affects the ath12k driver for Qualcomm Wi-Fi 7 devices (Kernel Git).

During peer creation, data path setup is performed where Rx TID is updated for all TIDs. However, the peer object for self peer does not go through data path setup. When the core halts, data path cleanup is performed for all peers, leading to an invalid access of rx_tid::ab for self peers. This results in stack traces and system warnings at drivers/net/wireless/ath/ath12k/dp_rx.c:851. The issue stems from the original implementation in the driver for Qualcomm Wi-Fi 7 devices (Kernel Git).

The vulnerability can cause system warnings and potential stability issues when the WiFi driver attempts to clean up resources during core halt operations. While not a direct security threat, it could affect system reliability and potentially lead to system instability (NVD).

The vulnerability has been patched by modifying the cleanup process to skip Rx TID cleanup for self peers. The fix involves checking for the presence of a station (sta) object in the peer structure before performing the cleanup. The patch has been tested on QCN9274 hw2.0 PCI and WCN7850 hw2.0 PCI hardware (Kernel Git).