Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2023-52776
HistoryMay 21, 2024 - 3:30 p.m.

CVE-2023-52776 wifi: ath12k: fix dfs-radar and temperature event locking

2024-05-2115:30:56
Linux
github.com
8
linux kernel
vulnerability
ath12k
event locking
fix
dfs-radar
temperature
rcu
use-after-free
compile tested

AI Score

7

Confidence

Low

EPSS

0

Percentile

15.5%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: fix dfs-radar and temperature event locking

The ath12k active pdevs are protected by RCU but the DFS-radar and
temperature event handling code calling ath12k_mac_get_ar_by_pdev_id()
was not marked as a read-side critical section.

Mark the code in question as RCU read-side critical sections to avoid
any potential use-after-free issues.

Note that the temperature event handler looks like a place holder
currently but would still trigger an RCU lockdep splat.

Compile tested only.

CNA Affected

[
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "d889913205cf",
        "lessThan": "774de37c147f",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "d889913205cf",
        "lessThan": "d7a5f7f76568",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "d889913205cf",
        "lessThan": "69bd216e0493",
        "versionType": "git"
      }
    ],
    "programFiles": [
      "drivers/net/wireless/ath/ath12k/wmi.c"
    ],
    "defaultStatus": "unaffected"
  },
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "6.3"
      },
      {
        "status": "unaffected",
        "version": "0",
        "lessThan": "6.3",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "6.5.13",
        "versionType": "custom",
        "lessThanOrEqual": "6.5.*"
      },
      {
        "status": "unaffected",
        "version": "6.6.3",
        "versionType": "custom",
        "lessThanOrEqual": "6.6.*"
      },
      {
        "status": "unaffected",
        "version": "6.7",
        "versionType": "original_commit_for_fix",
        "lessThanOrEqual": "*"
      }
    ],
    "programFiles": [
      "drivers/net/wireless/ath/ath12k/wmi.c"
    ],
    "defaultStatus": "affected"
  }
]

Related

nvd 1
ubuntucve 1
cvelist 1
osv 4
cve 1
debiancve 1
redhatcve 1
nessus 3
nvd
nvd
CVE-2023-52776
2024-05-21 16:15:16
ubuntucve
ubuntucve
CVE-2023-52776
2024-05-21 00:00:00
cvelist
cvelist
CVE-2023-52776 wifi: ath12k: fix dfs-radar and temperature event locking
2024-05-21 15:30:56
osv
osv
CVE-2023-52776
2024-05-21 16:15:00
Security update for the Linux Kernel
2024-07-22 10:34:18
Security update for the Linux Kernel
2024-08-13 14:09:50
cve
cve
CVE-2023-52776
2024-05-21 16:15:16
debiancve
debiancve
CVE-2023-52776
2024-05-21 16:15:16
redhatcve
redhatcve
CVE-2023-52776
2024-05-23 11:09:46
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2571-1)
2024-07-23 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2896-1)
2024-08-14 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2973-1)
2024-08-21 00:00:00

AI Score

7

Confidence

Low

EPSS

0

Percentile

15.5%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2023-52776
nvd1ubuntucve1cvelist1osv4cve1debiancve1redhatcve1nessus3