CVE-2023-53071

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: do not run mt76_unregister_device() on unregistered hw

Trying to probe a mt7921e pci card without firmware results in a successful probe where ieee80211_register_hw hasn't been called. When removing the driver, ieee802111_unregister_hw is called unconditionally leading to a kernel NULL pointer dereference. Fix the issue running mt76_unregister_device routine just for registered hw.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1c71e03afe4b457a15e50de40006b927dfc00755 < dffe86df26aee01a5fc56a175b7a7f157961e370affected
LinuxLinux1c71e03afe4b457a15e50de40006b927dfc00755 < 2d34f27714c97a9786a30b3bb54944d6d8ed612faffected
LinuxLinux1c71e03afe4b457a15e50de40006b927dfc00755 < 41130c32f3a18fcc930316da17f3a5f3bc326aa1affected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.2.9 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References