In the Linux kernel, the following vulnerability has been resolved: wifi:
ath11k: fix gtk offload status event locking The ath11k active pdevs are
protected by RCU but the gtk offload status event handling code calling
ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical
section. Mark the code in question as an RCU read-side critical section to
avoid any potential use-after-free issues. Compile tested only.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-gcp-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-nvidia-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-oracle-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-starfive-6.5 | < any | UNKNOWN |
git.kernel.org/linus/1dea3c0720a146bd7193969f2847ccfed5be2221 (6.7-rc1)
git.kernel.org/stable/c/0cf7577b6b3153b4b49deea9719fe43f96469c6d
git.kernel.org/stable/c/1dea3c0720a146bd7193969f2847ccfed5be2221
git.kernel.org/stable/c/cf9c7d783a2bf9305df4ef5b93d9063a52e18fca
git.kernel.org/stable/c/e83246ecd3b193f8d91fce778e8a5ba747fc7d8a
launchpad.net/bugs/cve/CVE-2023-52777
nvd.nist.gov/vuln/detail/CVE-2023-52777
security-tracker.debian.org/tracker/CVE-2023-52777
www.cve.org/CVERecord?id=CVE-2023-52777