CVE-2023-54029

medium

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO For MLO, we cannot use vif->bss_conf.chandef.chan->band, since that will lead to a NULL-ptr dereference as bss_conf isn't used. However, in case of real MLO, we also need to take both LMACs into account if they exist, since the station might be active on both LMACs at the same time.

References

https://git.kernel.org/stable/c/b2bc600cced23762d4e97db8989b18772145604f

https://git.kernel.org/stable/c/63e2d06adf6b0842132ba89efdf8fada5f7ff1ac

https://git.kernel.org/stable/c/4489aa868bc6343afdaf5ef324af5b1f64962b25

Details

Source: Mitre, NVD

Published: 2025-12-24

Updated: 2025-12-24

Risk Information

CVSS v2

Base Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00017