VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-9hr2-pz1m-muh9

Essentials
Severities (11)
References (19)
Severity details (7)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-9hr2-pz1m-muh9
Aliases	CVE-2024-36922
Summary	In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice, resulting in the WARN_ONCE() a little later. Fix that by reading txq->read_ptr under lock.
Status	Published
Exploitability	0.5
Weighted Severity	4.0
Risk	2.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-413

Improper Resource Locking

System	Score	Found at
cvssv3	4.4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36922.json
epss	8e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-36922
epss	8e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-36922
epss	8e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-36922
epss	8e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-36922
cvssv3.1	4.7	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://git.kernel.org/stable/c/43d07103df670484cdd26f9588eabef80f69db89
ssvc	Track	https://git.kernel.org/stable/c/aab7b39fcac5f6165f6434bcbb56bb7865d4ad2b
ssvc	Track	https://git.kernel.org/stable/c/b83db8e756dec68a950ed2f056248b1704b3deaa
ssvc	Track	https://git.kernel.org/stable/c/c2ace6300600c634553657785dfe5ea0ed688ac2
ssvc	Track	https://git.kernel.org/stable/c/f30e8af109818c9db08cbcc46eb9713fe4b530ba

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36922.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-36922
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36922
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2284511		https://bugzilla.redhat.com/show_bug.cgi?id=2284511
43d07103df670484cdd26f9588eabef80f69db89		https://git.kernel.org/stable/c/43d07103df670484cdd26f9588eabef80f69db89
aab7b39fcac5f6165f6434bcbb56bb7865d4ad2b		https://git.kernel.org/stable/c/aab7b39fcac5f6165f6434bcbb56bb7865d4ad2b
b83db8e756dec68a950ed2f056248b1704b3deaa		https://git.kernel.org/stable/c/b83db8e756dec68a950ed2f056248b1704b3deaa
c2ace6300600c634553657785dfe5ea0ed688ac2		https://git.kernel.org/stable/c/c2ace6300600c634553657785dfe5ea0ed688ac2
f30e8af109818c9db08cbcc46eb9713fe4b530ba		https://git.kernel.org/stable/c/f30e8af109818c9db08cbcc46eb9713fe4b530ba
RHSA-2024:5363		https://access.redhat.com/errata/RHSA-2024:5363
RHSA-2024:5364		https://access.redhat.com/errata/RHSA-2024:5364
RHSA-2024:5365		https://access.redhat.com/errata/RHSA-2024:5365
RHSA-2024:7000		https://access.redhat.com/errata/RHSA-2024:7000
USN-6949-1		https://usn.ubuntu.com/6949-1/
USN-6949-2		https://usn.ubuntu.com/6949-2/
USN-6952-1		https://usn.ubuntu.com/6952-1/
USN-6952-2		https://usn.ubuntu.com/6952-2/
USN-6955-1		https://usn.ubuntu.com/6955-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36922.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/ Found at https://git.kernel.org/stable/c/43d07103df670484cdd26f9588eabef80f69db89

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/ Found at https://git.kernel.org/stable/c/aab7b39fcac5f6165f6434bcbb56bb7865d4ad2b

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/ Found at https://git.kernel.org/stable/c/b83db8e756dec68a950ed2f056248b1704b3deaa

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/ Found at https://git.kernel.org/stable/c/c2ace6300600c634553657785dfe5ea0ed688ac2

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/ Found at https://git.kernel.org/stable/c/f30e8af109818c9db08cbcc46eb9713fe4b530ba

Exploit Prediction Scoring System (EPSS)

Percentile	0.0087
EPSS Score	8e-05
Published At	June 5, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:50:44.475708+00:00	Debian Importer	Import	https://security-tracker.debian.org/tracker/data/json	38.6.0