| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091502-CVE-2023-53251-8d43@gregkh> Date: Mon, 15 Sep 2025 16:46:26 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53251: wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() rxq can be NULL only when trans_pcie->rxq is NULL and entry->entry is zero. For the case when entry->entry is not equal to 0, rxq won't be NULL even if trans_pcie->rxq is NULL. Modify checker to check for trans_pcie->rxq. The Linux kernel CVE team has assigned CVE-2023-53251 to this issue. Affected and fixed versions =========================== Issue introduced in 5.12 with commit abc599efa67bb4138536360e07d677052b19e392 and fixed in 5.15.121 with commit 3b9de981fe7f1c6e07c7b852421ad69be3d4b6c2 Issue introduced in 5.12 with commit abc599efa67bb4138536360e07d677052b19e392 and fixed in 6.1.39 with commit 2d690495eb2766d58e25c83676f422219c4fcf18 Issue introduced in 5.12 with commit abc599efa67bb4138536360e07d677052b19e392 and fixed in 6.3.13 with commit 390e44efcf4d390b5053ad112553155d2d097c73 Issue introduced in 5.12 with commit abc599efa67bb4138536360e07d677052b19e392 and fixed in 6.4.4 with commit f71d0fc407dd028416bec002ddcc62f5acb0346a Issue introduced in 5.12 with commit abc599efa67bb4138536360e07d677052b19e392 and fixed in 6.5 with commit 1902f1953b8ba100ee8705cb8a6f1a9795550eca Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53251 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/wireless/intel/iwlwifi/pcie/rx.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/3b9de981fe7f1c6e07c7b852421ad69be3d4b6c2 https://git.kernel.org/stable/c/2d690495eb2766d58e25c83676f422219c4fcf18 https://git.kernel.org/stable/c/390e44efcf4d390b5053ad112553155d2d097c73 https://git.kernel.org/stable/c/f71d0fc407dd028416bec002ddcc62f5acb0346a https://git.kernel.org/stable/c/1902f1953b8ba100ee8705cb8a6f1a9795550eca
Powered by blists - more mailing lists