CVE-2023-52593

2024-03-0600:00:00

ubuntu.com

linux kernel

wifi

vulnerability

cve-2023-52593

AI Score

7.7

Confidence

High

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved: wifi:
wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Since
‘ieee80211_beacon_get()’ can return NULL, ‘wfx_set_mfp_ap()’ should check
the return value before examining skb data. So convert the latter to return
an appropriate error code and propagate it to return from ‘wfx_start_ap()’
as well. Compile tested only.

Notes

Author	Note
rodrigo-zaiden	USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< 6.5.0-41.41UNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN
ubuntu23.10noarchlinux-aws< 6.5.0-1021.21UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< anyUNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu20.04noarchlinux-azure< anyUNKNOWN
ubuntu22.04noarchlinux-azure< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< 6.5.0-41.41	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	23.10	noarch	linux-aws	< 6.5.0-1021.21	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	22.04	noarch	linux-azure	< any	UNKNOWN