CVE - CVE-2023-52827

CVE-ID
CVE-2023-52827	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats() len is extracted from HTT message and could be an unexpected value in case errors happen, so add validation before using to avoid possible out-of-bound read in the following message iteration and parsing. The same issue also applies to ppdu_info->ppdu_stats.common.num_users, so validate it before using too. These are found during code review. Compile test only.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e URL:https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e MISC:https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57 URL:https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57 MISC:https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c URL:https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c
Assigning CNA
kernel.org
Date Record Created
20240521	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240521)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)