Message-ID: <2025091628-CVE-2023-53302-92bb@gregkh>
Date: Tue, 16 Sep 2025 10:11:52 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2023-53302: wifi: iwl4965: Add missing check for create_singlethread_workqueue()
From: Greg Kroah-Hartman <gregkh@...nel.org>

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwl4965: Add missing check for create_singlethread_workqueue()

Add the check for the return value of the create_singlethread_workqueue()
in order to avoid NULL pointer dereference.

The Linux kernel CVE team has assigned CVE-2023-53302 to this issue.

Affected and fixed versions
===========================

Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 4.19.276 with commit 874a85051cc8df8c5b928d8ff172b342cdc5424b
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.4.235 with commit c002d2741400771171b68dde9af937a4dfa0d1b3
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.10.173 with commit 3185d6cfc59277a77bf311dce701b7e25193f66a
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.15.99 with commit f15ef0ebcf56be1d4a3c9a7a80a1f1f82ab0eaad
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.1.16 with commit 2f85c768bea2057e3299d19514da9e932c4f92d2
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.2.3 with commit 878a7c8357764e08bc778bcb26127fc12a4b36b7
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.3 with commit 26e6775f75517ad6844fe5b79bc5f3fa8c22ee61

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2023-53302
will be updated if fixes are backported, please check that for the most
up to date information about this issue.

Affected files
==============

The file(s) affected by this issue are:
	drivers/net/wireless/intel/iwlegacy/4965-mac.c

Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/874a85051cc8df8c5b928d8ff172b342cdc5424b
https://git.kernel.org/stable/c/c002d2741400771171b68dde9af937a4dfa0d1b3
https://git.kernel.org/stable/c/3185d6cfc59277a77bf311dce701b7e25193f66a
https://git.kernel.org/stable/c/f15ef0ebcf56be1d4a3c9a7a80a1f1f82ab0eaad
https://git.kernel.org/stable/c/2f85c768bea2057e3299d19514da9e932c4f92d2
https://git.kernel.org/stable/c/878a7c8357764e08bc778bcb26127fc12a4b36b7
https://git.kernel.org/stable/c/26e6775f75517ad6844fe5b79bc5f3fa8c22ee61
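
Added example (not part of the original announcement and not kernel.org tooling): a Python check that parses the "Affected and fixed versions" lines above and reports whether an upstream kernel release string falls in the affected range. The function names are hypothetical, and the comparison assumes upstream version numbering.

```python
import re

# "Affected and fixed versions" lines copied from the announcement above.
ADVISORY = """\
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 4.19.276 with commit 874a85051cc8df8c5b928d8ff172b342cdc5424b
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.4.235 with commit c002d2741400771171b68dde9af937a4dfa0d1b3
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.10.173 with commit 3185d6cfc59277a77bf311dce701b7e25193f66a
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 5.15.99 with commit f15ef0ebcf56be1d4a3c9a7a80a1f1f82ab0eaad
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.1.16 with commit 2f85c768bea2057e3299d19514da9e932c4f92d2
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.2.3 with commit 878a7c8357764e08bc778bcb26127fc12a4b36b7
Issue introduced in 2.6.24 with commit b481de9ca074528fe8c429604e2777db8b89806a and fixed in 6.3 with commit 26e6775f75517ad6844fe5b79bc5f3fa8c22ee61
"""

LINE_RE = re.compile(r"introduced in (\S+) with commit [0-9a-f]{40} "
                     r"and fixed in (\S+) with commit [0-9a-f]{40}")

def parse_release(text):
    """'5.15.99-rc1' -> (5, 15, 99, 0); final releases end in 1 so an -rc sorts first."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"not a kernel release string: {text!r}")
    return tuple(int(p) for p in m.groups(default="0")) + (0 if "-rc" in text else 1,)

def load_ranges(text=ADVISORY):
    """Return (introduced, {stable_branch: first_fixed_release}) from advisory lines."""
    pairs = LINE_RE.findall(text)
    if not pairs:
        raise ValueError("no 'introduced in ... fixed in ...' lines found")
    introduced = parse_release(pairs[0][0])
    fixed = {parse_release(fix)[:2]: parse_release(fix) for _, fix in pairs}
    return introduced, fixed

def is_affected(release, text=ADVISORY):
    """True if an upstream release string lies in the affected range.

    Assumption: upstream numbering only; vendor kernels may carry the fix
    under an older version number, which this comparison cannot see.
    """
    introduced, fixed = load_ranges(text)
    v = parse_release(release)
    if v < introduced or v >= max(fixed.values()):
        return False            # predates the bug, or at/after the mainline fix
    branch_fix = fixed.get(v[:2])
    # A branch the advisory lists no fix for stays affected.
    return branch_fix is None or v < branch_fix
```

For a distribution kernel, check the vendor's own advisory for this CVE rather than relying on the version number.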