CVE-2023-53226
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: mwifiex: Fix OOB and integer underflow when rx packets
Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet, mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet not out-of-bounds access the skb->data buffer.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < f517c97fc129995de77dd06aa5a74f909ebf568f | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < 8824aa4ab62c800f75d96f48e1883a5f56ec5869 | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < 29eca8b7863d1d7de6c5b746b374e3487d14f154 | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < 3fe3923d092e22d87d1ed03e2729db444b8c1331 | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < 7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02 | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < 3975e21d4d01efaf0296ded40d11c06589c49245 | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < a7300e3800e9fd5405e88ce67709c1a97783b9c8 | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < 650d1bc02fba7b42f476d8b6643324abac5921ed | affected |
| Linux | Linux | 2dbaf751b1dec3a603130a475f94cc4d3f404362 < 11958528161731c58e105b501ed60b83a91ea941 | affected |
| Linux | Linux | 3.7 | affected |
| Linux | Linux | 0 < 3.7 | unaffected |
| Linux | Linux | 4.14.326 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.295 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.257 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.195 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.132 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.53 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.16 <= 6.4.* | unaffected |
| Linux | Linux | 6.5.3 <= 6.5.* | unaffected |
| Linux | Linux | 6.6 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/f517c97fc129995de77dd06aa5a74f909ebf568f
- https://git.kernel.org/stable/c/8824aa4ab62c800f75d96f48e1883a5f56ec5869
- https://git.kernel.org/stable/c/29eca8b7863d1d7de6c5b746b374e3487d14f154
- https://git.kernel.org/stable/c/3fe3923d092e22d87d1ed03e2729db444b8c1331
- https://git.kernel.org/stable/c/7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02
- https://git.kernel.org/stable/c/3975e21d4d01efaf0296ded40d11c06589c49245
- https://git.kernel.org/stable/c/a7300e3800e9fd5405e88ce67709c1a97783b9c8
- https://git.kernel.org/stable/c/650d1bc02fba7b42f476d8b6643324abac5921ed
- https://git.kernel.org/stable/c/11958528161731c58e105b501ed60b83a91ea941
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.