CVE-2023-52776
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix dfs-radar and temperature event locking
The ath12k active pdevs are protected by RCU but the DFS-radar and temperature event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section.
Mark the code in question as RCU read-side critical sections to avoid any potential use-after-free issues.
Note that the temperature event handler looks like a place holder currently but would still trigger an RCU lockdep splat.
Compile tested only.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d889913205cf7ebda905b1e62c5867ed4e39f6c2 < 774de37c147fea81f2c2e4be5082304f4f71d535 | affected |
| Linux | Linux | d889913205cf7ebda905b1e62c5867ed4e39f6c2 < d7a5f7f76568e48869916d769e28b9f3ca70c78e | affected |
| Linux | Linux | d889913205cf7ebda905b1e62c5867ed4e39f6c2 < 69bd216e049349886405b1c87a55dce3d35d1ba7 | affected |
| Linux | Linux | 6.3 | affected |
| Linux | Linux | 0 < 6.3 | unaffected |
| Linux | Linux | 6.5.13 <= 6.5.* | unaffected |
| Linux | Linux | 6.6.3 <= 6.6.* | unaffected |
| Linux | Linux | 6.7 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/774de37c147fea81f2c2e4be5082304f4f71d535
- https://git.kernel.org/stable/c/d7a5f7f76568e48869916d769e28b9f3ca70c78e
- https://git.kernel.org/stable/c/69bd216e049349886405b1c87a55dce3d35d1ba7
References
- https://git.kernel.org/stable/c/774de37c147fea81f2c2e4be5082304f4f71d535
- https://git.kernel.org/stable/c/d7a5f7f76568e48869916d769e28b9f3ca70c78e
- https://git.kernel.org/stable/c/69bd216e049349886405b1c87a55dce3d35d1ba7
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.