UBSAN: shift-out-of-bounds in WiFi driver (iwlwifi/mvm/mac-ctxt.c)

Bug #1998576 reported by Manah
This bug affects 2 people
Affects: linux (Ubuntu) | Status: Confirmed | Importance: Undecided | Assigned to: Unassigned | Milestone: none

Bug Description

Hello all!

On Ubuntu 20.04.5 LTS, when I use the mdk3 tool (https://github.com/aircrack-ng/mdk3, also available in Ubuntu PPA), it raises a kernel exception in the Wi-Fi driver:

UBSAN: shift-out-of-bounds in /build/linux-hwe-5.15-ZCQu4B/linux-hwe-5.15-5.15.0/drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c:669:22
shift exponent 65535 is too large for 64-bit type 'long unsigned int'

The exact command I use is:

mdk3 wlp2s0 b -f somefile.txt -a -s 200

(Where wlp2s0 is my main Wi-Fi interface.)
Here are the full logs:

Dec 2 09:22:38 red-october kernel: [ 1228.100538] ================================================================================
Dec 2 09:22:38 red-october kernel: [ 1228.100614] UBSAN: shift-out-of-bounds in /build/linux-hwe-5.15-ZCQu4B/linux-hwe-5.15-5.15.0/drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c:669:22
Dec 2 09:22:38 red-october kernel: [ 1228.100714] shift exponent 65535 is too large for 64-bit type 'long unsigned int'
Dec 2 09:22:38 red-october kernel: [ 1228.102683] CPU: 3 PID: 5865 Comm: ifconfig Tainted: P OE 5.15.0-53-generic #59~20.04.1-Ubuntu
Dec 2 09:22:38 red-october kernel: [ 1228.102689] Hardware name: ASUSTeK COMPUTER INC. ROG Zephyrus G14 GA401II_GA401II/GA401II, BIOS GA401II.220 03/14/2022
Dec 2 09:22:38 red-october kernel: [ 1228.102693] Call Trace:
Dec 2 09:22:38 red-october kernel: [ 1228.102696] <TASK>
Dec 2 09:22:38 red-october kernel: [ 1228.102701] dump_stack_lvl+0x4a/0x63
Dec 2 09:22:38 red-october kernel: [ 1228.102713] dump_stack+0x10/0x16
Dec 2 09:22:38 red-october kernel: [ 1228.102718] ubsan_epilogue+0x9/0x49
Dec 2 09:22:38 red-october kernel: [ 1228.102723] __ubsan_handle_shift_out_of_bounds.cold+0x61/0x10e
Dec 2 09:22:38 red-october kernel: [ 1228.102734] iwl_mvm_mac_ctxt_cmd_listener.cold+0x20/0x32 [iwlmvm]
Dec 2 09:22:38 red-october kernel: [ 1228.102770] iwl_mvm_mac_ctx_send+0x8b/0xd0 [iwlmvm]
Dec 2 09:22:38 red-october kernel: [ 1228.102798] iwl_mvm_mac_ctxt_add+0x44/0xf0 [iwlmvm]
Dec 2 09:22:38 red-october kernel: [ 1228.102821] iwl_mvm_mac_add_interface+0x133/0x350 [iwlmvm]
Dec 2 09:22:38 red-october kernel: [ 1228.102847] drv_add_interface+0x4a/0x100 [mac80211]
Dec 2 09:22:38 red-october kernel: [ 1228.102912] ieee80211_add_virtual_monitor+0x11a/0x330 [mac80211]
Dec 2 09:22:38 red-october kernel: [ 1228.102980] ieee80211_do_open+0x867/0x970 [mac80211]
Dec 2 09:22:38 red-october kernel: [ 1228.103041] ? ieee80211_check_concurrent_iface+0x158/0x1d0 [mac80211]
Dec 2 09:22:38 red-october kernel: [ 1228.103104] ieee80211_open+0x70/0x90 [mac80211]
Dec 2 09:22:38 red-october kernel: [ 1228.103165] __dev_open+0xe8/0x1a0
Dec 2 09:22:38 red-october kernel: [ 1228.103172] __dev_change_flags+0x190/0x200
Dec 2 09:22:38 red-october kernel: [ 1228.103178] dev_change_flags+0x26/0x70
Dec 2 09:22:38 red-october kernel: [ 1228.103183] devinet_ioctl+0x5f2/0x780
Dec 2 09:22:38 red-october kernel: [ 1228.103192] inet_ioctl+0x169/0x190
Dec 2 09:22:38 red-october kernel: [ 1228.103199] sock_do_ioctl+0x47/0x100
Dec 2 09:22:38 red-october kernel: [ 1228.103206] sock_ioctl+0xf3/0x310
Dec 2 09:22:38 red-october kernel: [ 1228.103211] ? syscall_exit_to_user_mode+0x27/0x50
Dec 2 09:22:38 red-october kernel: [ 1228.103218] ? do_syscall_64+0x69/0xc0
Dec 2 09:22:38 red-october kernel: [ 1228.103223] __x64_sys_ioctl+0x95/0xd0
Dec 2 09:22:38 red-october kernel: [ 1228.103232] do_syscall_64+0x5c/0xc0
Dec 2 09:22:38 red-october kernel: [ 1228.103236] ? irqentry_exit_to_user_mode+0x9/0x20
Dec 2 09:22:38 red-october kernel: [ 1228.103241] ? irqentry_exit+0x1d/0x30
Dec 2 09:22:38 red-october kernel: [ 1228.103246] ? exc_page_fault+0x89/0x170
Dec 2 09:22:38 red-october kernel: [ 1228.103252] entry_SYSCALL_64_after_hwframe+0x61/0xcb
Dec 2 09:22:38 red-october kernel: [ 1228.103257] RIP: 0033:0x7f487d3b63ab
Dec 2 09:22:38 red-october kernel: [ 1228.103263] Code: 0f 1e fa 48 8b 05 e5 7a 0d 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b5 7a 0d 00 f7 d8 64 89 01 48
Dec 2 09:22:38 red-october kernel: [ 1228.103267] RSP: 002b:00007ffc147740a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
Dec 2 09:22:38 red-october kernel: [ 1228.103273] RAX: ffffffffffffffda RBX: 00007ffc147740b0 RCX: 00007f487d3b63ab
Dec 2 09:22:38 red-october kernel: [ 1228.103276] RDX: 00007ffc147740b0 RSI: 0000000000008914 RDI: 0000000000000004
Dec 2 09:22:38 red-october kernel: [ 1228.103278] RBP: 00007ffc14774160 R08: 0000000000000008 R09: 0000561e451b2940
Dec 2 09:22:38 red-october kernel: [ 1228.103281] R10: 0000000000000021 R11: 0000000000000202 R12: 0000000000000041
Dec 2 09:22:38 red-october kernel: [ 1228.103283] R13: 00007ffc14774458 R14: 0000000000000000 R15: 0000000000000000
Dec 2 09:22:38 red-october kernel: [ 1228.103288] </TASK>
Dec 2 09:22:38 red-october kernel: [ 1228.103290] ================================================================================
Dec 2 09:22:38 red-october kernel: [ 1228.109299] IPv6: ADDRCONF(NETDEV_CHANGE): wlp2s0: link becomes ready
Dec 2 09:22:38 red-october kernel: [ 1228.131698] device wlp2s0 entered promiscuous mode
Dec 2 09:23:29 red-october kernel: [ 1278.805519] AppRun[2337]: segfault at 8 ip 00007f6b8401cb41 sp 00007ffd8c7daa70 error 4 in libQt5DBus.so.5[7f6b83feb000+8d000]
Dec 2 09:23:29 red-october kernel: [ 1278.805537] Code: 00 00 00 c3 90 0f 1f 40 00 48 8b 47 08 8b 80 a0 00 00 00 c3 90 0f 1f 40 00 41 57 41 56 41 55 41 54 49 89 fc 55 53 48 83 ec 48 <48> 8b 5e 08 64 48 8b 04 25 28 00 00 00 48 89 44 24 38 31 c0 80 bb
---
ProblemType: Bug
ApportVersion: 2.20.11-0ubuntu27.25
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC2: manah 1805 F.... pulseaudio
 /dev/snd/controlC0: manah 1805 F.... pulseaudio
 /dev/snd/controlC1: manah 1805 F.... pulseaudio
CasperMD5CheckResult: skip
CurrentDesktop: i3
DistroRelease: Ubuntu 20.04
InstallationDate: Installed on 2021-02-05 (667 days ago)
InstallationMedia: Ubuntu 20.04.1 LTS "Focal Fossa" - Release amd64 (20200731)
MachineType: ASUSTeK COMPUTER INC. ROG Zephyrus G14 GA401II_GA401II
NonfreeKernelModules: nvidia_modeset nvidia
Package: linux (not installed)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=fr_FR.UTF-8
 SHELL=/bin/bash
ProcFB: 0 amdgpudrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-53-generic root=UUID=3995421e-0915-4983-a047-4eb41a9e5873 ro quiet splash vt.handoff=7
ProcVersionSignature: Ubuntu 5.15.0-53.59~20.04.1-generic 5.15.64
RelatedPackageVersions:
 linux-restricted-modules-5.15.0-53-generic N/A
 linux-backports-modules-5.15.0-53-generic N/A
 linux-firmware 1.201.5+system76~1646062142~20.04~b05e0ab~dev
Tags: focal
Uname: Linux 5.15.0-53-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip docker libvirt lpadmin lxd plugdev sambashare sudo vboxusers
_MarkForUpload: True
dmi.bios.date: 03/14/2022
dmi.bios.release: 5.16
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: GA401II.220
dmi.board.asset.tag: ATN12345678901234567
dmi.board.name: GA401II
dmi.board.vendor: ASUSTeK COMPUTER INC.
dmi.board.version: 1.0
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 10
dmi.chassis.vendor: ASUSTeK COMPUTER INC.
dmi.chassis.version: 1.0
dmi.ec.firmware.release: 3.15
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrGA401II.220:bd03/14/2022:br5.16:efr3.15:svnASUSTeKCOMPUTERINC.:pnROGZephyrusG14GA401II_GA401II:pvr1.0:rvnASUSTeKCOMPUTERINC.:rnGA401II:rvr1.0:cvnASUSTeKCOMPUTERINC.:ct10:cvr1.0:sku:
dmi.product.family: ROG Zephyrus G14
dmi.product.name: ROG Zephyrus G14 GA401II_GA401II
dmi.product.version: 1.0
dmi.sys.vendor: ASUSTeK COMPUTER INC.
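
The exponent in the report, 65535 (0xffff), is the pattern the kernel's UBSAN shift sanitizer exists to catch: a value at or above the width of the shifted type reaching a `1UL << n` such as the BIT() macro. The C program below is an added example, not code from the iwlwifi driver or from this report (the page does not show line 669 of mac-ctxt.c). It assumes, as a hypothetical, that a 16-bit "queue not allocated" sentinel of 0xffff is the source of the exponent; it models the bounds rule UBSAN enforces, places a guarded mask builder beside the unchecked shape, and extracts the exponent and type width from a dmesg line of the form shown above so the same rule can be re-run over captured logs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Width of the shifted type in the report: 64-bit 'long unsigned int'
 * (the kernel's BIT() macro expands to 1UL << n). */
#define MASK_BITS 64u

/* Hypothetical sentinel for "queue not allocated". The page does not show
 * the driver source; 0xffff is assumed here only because the reported
 * exponent, 65535, is the all-ones value of a 16-bit field. */
#define INVALID_QUEUE 0xffffu

/* The rule UBSAN's shift sanitizer enforces: the exponent must be
 * strictly less than the width of the promoted type. */
bool shift_in_bounds(unsigned long exponent, unsigned int type_bits)
{
    return exponent < type_bits;
}

/* Unchecked shape of BIT(queue). Calling it with the sentinel or any value
 * >= 64 is undefined behaviour, which is what UBSAN flagged; this program
 * only ever calls it with a valid index, for contrast with the guarded form. */
uint64_t queue_bit_unchecked(uint16_t queue)
{
    return (uint64_t)1 << queue;
}

/* Guarded form: validate before shifting. Returns false and a zero mask when
 * the queue index is the sentinel or would not fit a 64-bit mask. */
bool queue_to_mask(uint16_t queue, uint64_t *mask)
{
    if (queue == INVALID_QUEUE || !shift_in_bounds(queue, MASK_BITS)) {
        *mask = 0;
        return false;
    }
    *mask = (uint64_t)1 << queue;
    return true;
}

/* Log check: pull the exponent and type width out of a dmesg line of the form
 * "... shift exponent N is too large for M-bit type ...". Returns 0 on a
 * match and -1 otherwise, so a log capture can be scanned for the same
 * condition without re-triggering it. */
int parse_ubsan_shift_line(const char *line, unsigned long *exponent,
                           unsigned int *type_bits)
{
    const char *p = strstr(line, "shift exponent ");
    if (p == NULL)
        return -1;
    if (sscanf(p, "shift exponent %lu is too large for %u-bit type",
               exponent, type_bits) != 2)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample line, in the shape of the report's dmesg output. */
    const char *line = "Dec 2 09:22:38 red-october kernel: [ 1228.100714] "
                       "shift exponent 65535 is too large for 64-bit type "
                       "'long unsigned int'";
    unsigned long exponent;
    unsigned int bits;

    if (parse_ubsan_shift_line(line, &exponent, &bits) == 0)
        printf("log: exponent %lu, type width %u, in bounds: %s\n",
               exponent, bits, shift_in_bounds(exponent, bits) ? "yes" : "no");

    /* Valid indexes, the first out-of-range index, and the sentinel. */
    const uint16_t queues[] = { 5, 63, 64, INVALID_QUEUE };
    for (size_t i = 0; i < sizeof queues / sizeof queues[0]; i++) {
        uint64_t mask;
        bool ok = queue_to_mask(queues[i], &mask);
        printf("queue %5u -> %s mask 0x%016llx\n", (unsigned)queues[i],
               ok ? "ok,     " : "refused,", (unsigned long long)mask);
    }
    return 0;
}
```

The guard is the whole fix for this class of finding: the sentinel must be rejected before it is used as a shift count, not after, because on x86 the hardware silently masks the count modulo the operand width and the undefined shift would otherwise produce a plausible-looking but wrong mask (bit 63 for 65535) rather than a crash.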

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1998576

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Manah (manah) added the apport-collected attachments: AlsaInfo.txt, CRDA.txt, CurrentDmesg.txt, IwConfig.txt, Lspci.txt, Lspci-vt.txt, Lsusb.txt, Lsusb-t.txt, Lsusb-v.txt, ProcCpuinfo.txt, ProcCpuinfoMinimal.txt, ProcInterrupts.txt, ProcModules.txt, PulseList.txt, RfKill.txt, UdevDb.txt, WifiSyslog.txt, acpidump.txt

tags: added: apport-collected focal
description: updated

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Kai-Heng Feng (kaihengfeng) wrote :

Thanks for the report. Does the issue happen on newer kernels?

Radoslaw Martyniszyn (rmartyniszyn) wrote :

Hello,

I observe the same callstack on Ubuntu 20.04.06 LTS after trying to enable monitor mode:
sudo ip link set dev wlp82s0 down
sudo iwconfig wlp82s0 mode monitor
// Callstack visible after that command
sudo ip link set dev wlp82s0 up

When I call those commands again, the callstack is not seen, but monitor mode does not work and I am unable to do wifi sniffing. Wifi sniffing stopped working today. Rebooting the PC does not help.

PC: Lenovo P53
Info about wifi driver:
$ cat dmesg.txt | grep -E "wifi|wlp82s0"
[ 29.785225] iwlwifi 0000:52:00.0: enabling device (0000 -> 0002)
[ 29.807499] iwlwifi 0000:52:00.0: api flags index 2 larger than supported by driver
[ 29.807514] iwlwifi 0000:52:00.0: TLV_FW_FSEQ_VERSION: FSEQ Version: 89.3.35.37
[ 29.807735] iwlwifi 0000:52:00.0: loaded firmware version 66.f1c864e0.0 cc-a0-66.ucode op_mode iwlmvm
[ 29.971841] iwlwifi 0000:52:00.0: BIOS contains WGDS but no WRDS
[ 29.971851] iwlwifi 0000:52:00.0: Detected Intel(R) Wi-Fi 6 AX200 160MHz, REV=0x340
[ 30.131778] iwlwifi 0000:52:00.0: Detected RF HR B3, rfid=0x10a100
[ 30.201478] iwlwifi 0000:52:00.0: base HW address: f8:e4:e3:d9:d2:ee
[ 30.578367] iwlwifi 0000:52:00.0 wlp82s0: renamed from wlan0

callstack:
[ 502.483818] ================================================================================
[ 502.483829] UBSAN: shift-out-of-bounds in /build/linux-hwe-5.15-x48ylI/linux-hwe-5.15-5.15.0/drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c:669:22
[ 502.483841] shift exponent 65535 is too large for 64-bit type 'long unsigned int'
[ 502.483851] CPU: 0 PID: 5401 Comm: ip Tainted: P OE 5.15.0-69-generic #76~20.04.1-Ubuntu
[ 502.483862] Hardware name: LENOVO 20QNS1T600/20QNS1T600, BIOS N2NET38W (1.23 ) 06/04/2020
[ 502.483866] Call Trace:
[ 502.483871] <TASK>
[ 502.483877] dump_stack_lvl+0x4a/0x63
[ 502.483890] dump_stack+0x10/0x16
[ 502.483896] ubsan_epilogue+0x9/0x49
[ 502.483909] __ubsan_handle_shift_out_of_bounds.cold+0x61/0x10e
[ 502.483929] iwl_mvm_mac_ctxt_cmd_listener.cold+0x20/0x32 [iwlmvm]
[ 502.484008] iwl_mvm_mac_ctx_send+0x8b/0xd0 [iwlmvm]
[ 502.484061] iwl_mvm_mac_ctxt_add+0x44/0xf0 [iwlmvm]
[ 502.484108] iwl_mvm_mac_add_interface+0x133/0x350 [iwlmvm]
[ 502.484153] drv_add_interface+0x47/0x100 [mac80211]
[ 502.484266] ieee80211_add_virtual_monitor+0x11a/0x330 [mac80211]
[ 502.484392] ieee80211_do_open+0x867/0x970 [mac80211]
[ 502.484511] ? ieee80211_check_concurrent_iface+0x158/0x1d0 [mac80211]
[ 502.484629] ieee80211_open+0x70/0x90 [mac80211]
[ 502.484744] __dev_open+0xe5/0x1a0
[ 502.484757] __dev_change_flags+0x190/0x200
[ 502.484770] dev_change_flags+0x26/0x70
[ 502.484781] do_setlink+0x907/0xc40
[ 502.484796] ? __nla_validate_parse+0x4c/0x1a0
[ 502.484811] __rtnl_newlink+0x593/0xa10
[ 502.484822] ? __nla_reserve+0x41/0x60
[ 502.484832] ? __kmalloc_node_track_caller+0x1d0/0x4e0
[ 502.484843] ? skb_free_head+0x69/0x80
[ 502.484854] ? security_sock_rcv_skb+0x2c/0x50
[ 502.484868] ? netlink_deliver_tap+0x3d/0x230
[ 502.484876] ? sk_filter_trim_cap+0xc1/0x230
[ 502.484889] ? skb_queue_tail+0x48/0x60
[ 502.484898] ? sock_def_readable+0x4b/0x80
[ 502.484905] ...

Radoslaw Martyniszyn (rmartyniszyn) wrote :

> When I call those commands again, the callstack is not seen, but monitor mode does not work and I am unable to do wifi sniffing. Wifi sniffing stopped working today. Rebooting the PC does not help.

Monitor mode works fine again. That was a temporary issue with no wifi monitor mode.
