CVE-2023-52593

high

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Since 'ieee80211_beacon_get()' can return NULL, 'wfx_set_mfp_ap()' should check the return value before examining skb data. So convert the latter to return an appropriate error code and propagate it to return from 'wfx_start_ap()' as well. Compile tested only.

References

https://git.kernel.org/stable/c/fe0a7776d4d19e613bb8dd80fe2d78ae49e8b49d

https://git.kernel.org/stable/c/9ab224744a47363f74ea29c6894c405e3bcf5132

https://git.kernel.org/stable/c/574dcd3126aa2eed75437137843f254b1190dd03

https://git.kernel.org/stable/c/3739121443f5114c6bcf6d841a5124deb006b878

Details

Source: Mitre, NVD

Published: 2024-03-06

Updated: 2024-03-06

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High