CVE-2023-52525

HIGH

Linux Kernel 5.10.195-5.10.198 - Out-of-bounds Read in mwifiex_process_rx_packet

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the buffer is too small, so the driver can still process packets without rfc1042 headers.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c

Patch

https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555

Patch

https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e

Patch

https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38

Patch

https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6

Patch

https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99

Patch

https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216

Patch

https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8

Scores

CVSS v3 7.1

EPSS 0.0024

EPSS Percentile 14.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-125

Status published

Products (21)

Linux/Linux 11958528161731c58e105b501ed60b83a91ea941 - aef7a0300047e7b4707ea0411dc9597cba108fc8

Linux/Linux 29eca8b7863d1d7de6c5b746b374e3487d14f154 - b8e260654a29de872e7cb85387d8ab8974694e8e

Linux/Linux 3975e21d4d01efaf0296ded40d11c06589c49245 - 6b706286473db4fd54b5f869faa67f4a8cb18e99

Linux/Linux 3fe3923d092e22d87d1ed03e2729db444b8c1331 - 10a18c8bac7f60d32b7af22da03b66f350beee38

Linux/Linux 4.14.326 - 4.14.327

Linux/Linux 4.19.295 - 4.19.296

Linux/Linux 5.10.195 - 5.10.198

Linux/Linux 5.15.132 - 5.15.135

Linux/Linux 5.4.257 - 5.4.258

Linux/Linux 6.1.53 - 6.1.57

... and 11 more

Published Mar 02, 2024

Tracked Since Feb 18, 2026