Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() reg_cap.phy_id is extracted from WMI event and could be an unexpected value in case some errors happen. As a result out-of-bound write may occur to soc->hal_reg_cap. Fix it by validating reg_cap.phy_id before using it. This is found during code review. Compile tested only.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.3, < 6.5.13 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0ePatch
- https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63cPatch
- https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97Patch
- https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0ePatch
- https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63cPatch
- https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97Patch
FAQ
What is CVE-2023-52829?
CVE-2023-52829 is a vulnerability with a CVSS score of 6.2 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() reg_cap.phy_id is extracted from WMI event and coul...
How severe is CVE-2023-52829?
CVE-2023-52829 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-52829?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.