| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091513-CVE-2023-53226-a44a@gregkh> Date: Mon, 15 Sep 2025 16:22:00 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53226: wifi: mwifiex: Fix OOB and integer underflow when rx packets From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet, mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet not out-of-bounds access the skb->data buffer. The Linux kernel CVE team has assigned CVE-2023-53226 to this issue. Affected and fixed versions =========================== Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 4.14.326 with commit f517c97fc129995de77dd06aa5a74f909ebf568f Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 4.19.295 with commit 8824aa4ab62c800f75d96f48e1883a5f56ec5869 Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 5.4.257 with commit 29eca8b7863d1d7de6c5b746b374e3487d14f154 Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 5.10.195 with commit 3fe3923d092e22d87d1ed03e2729db444b8c1331 Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 5.15.132 with commit 7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02 Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 6.1.53 with commit 3975e21d4d01efaf0296ded40d11c06589c49245 Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 6.4.16 with commit a7300e3800e9fd5405e88ce67709c1a97783b9c8 Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 6.5.3 with commit 650d1bc02fba7b42f476d8b6643324abac5921ed Issue introduced in 3.7 with commit 2dbaf751b1dec3a603130a475f94cc4d3f404362 and fixed in 6.6 with commit 11958528161731c58e105b501ed60b83a91ea941 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53226 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/wireless/marvell/mwifiex/sta_rx.c drivers/net/wireless/marvell/mwifiex/uap_txrx.c drivers/net/wireless/marvell/mwifiex/util.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/f517c97fc129995de77dd06aa5a74f909ebf568f https://git.kernel.org/stable/c/8824aa4ab62c800f75d96f48e1883a5f56ec5869 https://git.kernel.org/stable/c/29eca8b7863d1d7de6c5b746b374e3487d14f154 https://git.kernel.org/stable/c/3fe3923d092e22d87d1ed03e2729db444b8c1331 https://git.kernel.org/stable/c/7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02 https://git.kernel.org/stable/c/3975e21d4d01efaf0296ded40d11c06589c49245 https://git.kernel.org/stable/c/a7300e3800e9fd5405e88ce67709c1a97783b9c8 https://git.kernel.org/stable/c/650d1bc02fba7b42f476d8b6643324abac5921ed https://git.kernel.org/stable/c/11958528161731c58e105b501ed60b83a91ea941
Powered by blists - more mailing lists