CVE-2023-52829

May 21, 2024, 4:53 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() reg_cap.phy_id is extracted from WMI event and could be an unexpected value in case some errors happen. As a result out-of-bound write may occur to soc->hal_reg_cap. Fix it by validating reg_cap.phy_id before using it. This is found during code review. Compile tested only.

Product(s) Impacted

Product Versions
Linux kernel
Linux Kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0e
https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63c
https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-21
CVE-2023-52829

Timeline

Published: May 21, 2024, 4:15 p.m.
Last Modified: May 21, 2024, 4:53 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.