CVE-2023-53315Missing Release of Memory after Effective Lifetime in Linux

CWE-401Missing Release of Memory after Effective LifetimeCWE-129Improper Validation of Array Index5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 94.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled with value "0" from REO destination ring is received. This descriptor which is invalid causes the wrong SKB (SKB stored in the IDR lookup with buffer id "0") to be fetched which in turn causes SKB memory corruption issue and the same leads to crash after some time. Changed the start id for idr allo

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.65.10.181+3
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linuxd5c65159f2895379e11ca13f62feabe93278985d866921dc06b94df91acfcf9359b57da943ed99b3+5
debiandebian/linux< linux 6.1.37-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-fv7c-cvj6-wrfg: In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics2025-09-16
OSV
CVE-2023-53315: In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics fo2025-09-16

📋Vendor Advisories

2
Red Hat
kernel: wifi: ath11k: Fix SKB corruption in REO destination ring2025-09-16
Debian
CVE-2023-53315: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: ath11...2023
CVE-2023-53315 — Linux vulnerability | cvebase