CVE-2023-53232: NULL Pointer Dereference in Linux

Severity: 7.1 HIGH (NVD)
EPSS: 0.0% (top 98.40%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 15

Description

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data

The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since commit 16d98b548365 ("mt76: mt7921: rely on mcu_get_nic_capability"). This could result in potential invalid memory access.

To fix the kernel panic issue in mt7921, it is necessary to avoid accessing unallocated eeprom.data which can lead to invalid memor

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploitability: 1.8 | Impact: 5.2

Affected Packages (4 packages)

NVD | linux/linux_kernel | 5.16 | 6.1.28 | +2
Debian | linux/linux_kernel | < 6.1.37-1 | +2
CVEListV5 | linux/linux | 16d98b548365fcd6fc3fe2e1ae73c9e3cc5ee43d | 11181b6c8641cd417935b76ea997d0169f2db262 | +4
debian | debian/linux | < linux 6.1.37-1 (bookworm)

Patches

Vulnerability Details (2)

GHSA: GHSA-mhw2-58jv-2mcg: In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom (2025-09-15)
OSV: CVE-2023-53232: In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom (2025-09-15)

Vendor Advisories (2)

Red Hat: kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data (2025-09-15)
Debian: CVE-2023-53232: linux - In the Linux kernel, the following vulnerability has been resolved: mt76: mt792... (2023)