cvelist | Mitre | CVELIST:CVE-2023-47233
History: Nov 03, 2023 - 12:00 a.m.

CVE-2023-47233

2023-11-03 00:00:00
mitre
www.cve.org

AI Score: 5.7 (Confidence: High)

EPSS: 0 (Percentile: 5.1%)

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this “could be exploited in a real world scenario.” This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.