CVE-2023-54229: Use of Out-of-range Pointer Offset in Linux

Severity: 4.0 MEDIUM (no vector)
EPSS: 0.0% (top 92.57%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range

Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register:

  WARNING: CPU: 2 PID: 106 at net/wireless/core.c:907 wiphy_register+0x914/0x954
  Modules linked in: ath11k_pci sbsa_gwdt
  CPU: 2 PID: 106 Comm: kworker/u8:5 Not tainted 6.3.0-rc7-next-20230418-00549-g1e096a17625a-dirty #9
  Har

Affected Packages (4 packages)

Linux  linux/linux_kernel  5.9.0  5.10.188  +3
Debian  linux/linux_kernel  < 5.10.191-1  +3
CVEListV5  linux/linux  22eeadcdeab63e88983401f699f61a0121c03a0d  532f8bac60419eb28158770470b9bb655de207c8  +5
debian  debian/linux  < linux 6.1.52-1 (bookworm)

Vulnerability Details (3)

GHSA
GHSA-6p8q-gjxv-fgh3: In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range B (2025-12-30)
OSV
wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range (2025-12-30)
OSV
CVE-2023-54229: In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Bec (2025-12-30)

Vendor Advisories (2)

Red Hat
kernel: wifi: fix registration of 6Ghz-only phy without the full channel range (2025-12-30)
Debian
CVE-2023-54229: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: ath11... (2023)

Threat Intelligence (1)

Wiz
CVE-2023-54229 Impact, Exploitability, and Mitigation Steps | Wiz