CVE-2023-53764Missing Lock Check in Linux

CWE-414Missing Lock Check6 documents5 sources
Severity
5.9MEDIUM
No vector
EPSS
0.0%
top 89.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 8

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id() requires that the caller hold the ab->base_lock. Currently the WBM error path does not hold the lock and calling that function, leads to the following lockdep_assert()in QCN9274: [105162.160893] ------------[ cut here ]------------ [105162.160916] WARNING: CPU: 3 PID: 0 at drivers/net/wireless/ath/ath12k/peer.c:71 ath12k_peer_find_by_id+0x52/0x60 [ath12k]

Affected Packages4 packages

Linuxlinux/linux_kernel6.3.06.3.4
Debianlinux/linux_kernel< 6.3.7-1+1
CVEListV5linux/linuxd889913205cf7ebda905b1e62c5867ed4e39f6c29faf7c696610a348ca94a224d55c946b19b3279d+2
debiandebian/linux

🔴Vulnerability Details

3
GHSA
GHSA-qjv9-pc7w-9xrj: In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id() requires2025-12-08
OSV
wifi: ath12k: Handle lock during peer_id find2025-12-08
OSV
CVE-2023-53764: In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id() requires th2025-12-08

📋Vendor Advisories

2
Red Hat
kernel: wifi: ath12k: Handle lock during peer_id find2025-12-08
Debian
CVE-2023-53764: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12...2023