| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091623-CVE-2023-53277-2b69@gregkh> Date: Tue, 16 Sep 2025 10:11:27 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53277: wifi: iwl3945: Add missing check for create_singlethread_workqueue From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference. The Linux kernel CVE team has assigned CVE-2023-53277 to this issue. Affected and fixed versions =========================== Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 4.19.276 with commit 3ae2fc4de12686f3fe695824169c1272c9f798f7 Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.4.235 with commit 7e594abc0424e4f8c2385f11aefeaadcfc507aa5 Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.10.173 with commit 2f80b3ff92514ebd227e5c55d3d1e480401b02b7 Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.15.99 with commit 505c74c4c0b1c5bcaa98a93b3087c268156070f1 Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.1.16 with commit 34f611204ae589bd5c494b10b41fb13436bd3c3f Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.2.3 with commit 17e07d6587c55015956862ef3b101fd45fa49fbc Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.3 with commit 1fdeb8b9f29dfd64805bb49475ac7566a3cb06cb Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53277 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/wireless/intel/iwlegacy/3945-mac.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/3ae2fc4de12686f3fe695824169c1272c9f798f7 https://git.kernel.org/stable/c/7e594abc0424e4f8c2385f11aefeaadcfc507aa5 https://git.kernel.org/stable/c/2f80b3ff92514ebd227e5c55d3d1e480401b02b7 https://git.kernel.org/stable/c/505c74c4c0b1c5bcaa98a93b3087c268156070f1 https://git.kernel.org/stable/c/34f611204ae589bd5c494b10b41fb13436bd3c3f https://git.kernel.org/stable/c/17e07d6587c55015956862ef3b101fd45fa49fbc https://git.kernel.org/stable/c/1fdeb8b9f29dfd64805bb49475ac7566a3cb06cb
Powered by blists - more mailing lists