Vulnerability Details : CVE-2023-52530
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix potential key use-after-free
When ieee80211_key_link() is called by ieee80211_gtk_rekey_add()
but returns 0 due to KRACK protection (identical key reinstall),
ieee80211_gtk_rekey_add() will still return a pointer into the
key, in a potential use-after-free. This normally doesn't happen
since it's only called by iwlwifi in case of WoWLAN rekey offload
which has its own KRACK protection, but still better to fix, do
that by returning an error code and converting that to success on
the cfg80211 boundary only, leaving the error for bad callers of
ieee80211_gtk_rekey_add().
Vulnerability category: Memory Corruption
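The return-value flow described above, as an added example: a simplified user-space model, not kernel code and not taken from the patch. The pool, `key_alloc`, the `fixed` switch, the trimmed function names and the choice of `-EALREADY` as the error code are all assumptions of the model.

```c
#include <errno.h>
#include <string.h>

/* Hypothetical user-space model of the flow in the description. "Freeing"
 * only clears `live`, so a dangling key can be inspected safely. */
struct key { unsigned char material[16]; int live; };
static struct key pool[4], *installed;

static struct key *key_alloc(const unsigned char *m)
{
    for (struct key *k = pool; k < pool + 4; k++)
        if (!k->live) {
            memcpy(k->material, m, sizeof k->material);
            k->live = 1;
            return k;
        }
    return NULL;
}

/* Link step: always consumes k. An identical key is freed instead of being
 * reinstalled (KRACK protection); `fixed` selects what that path returns. */
static int key_link(struct key *k, int fixed)
{
    if (installed && !memcmp(installed->material, k->material, sizeof k->material)) {
        k->live = 0;                      /* k is freed here */
        return fixed ? -EALREADY : 0;     /* error code is this model's choice */
    }
    if (installed)
        installed->live = 0;              /* replace the old key */
    installed = k;
    return 0;
}

/* Rekey caller: returns the key on success, NULL with *err set otherwise. */
struct key *gtk_rekey_add(const unsigned char *m, int fixed, int *err)
{
    struct key *k = key_alloc(m);
    *err = k ? key_link(k, fixed) : -ENOMEM;
    return *err ? NULL : k;               /* fixed == 0: k may already be freed */
}

/* Configuration boundary: only here is a reinstall reported as success. */
int add_key_boundary(const unsigned char *m)
{
    struct key *k = key_alloc(m);
    int err = k ? key_link(k, 1) : -ENOMEM;
    return err == -EALREADY ? 0 : err;
}
```

With `fixed` set to 0, a second call with the same key material returns a non-NULL pointer whose `live` flag is already cleared, which is the dangling reference the fix removes.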
Products affected by CVE-2023-52530
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-52530
- EPSS score: 0.01% (probability of exploitation activity in the next 30 days)
- Percentile: ~2% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2023-52530
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | 2024-12-11 |
CWE ids for CVE-2023-52530
- The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-52530
- https://git.kernel.org/stable/c/e8a834eb09bb95c2bf9c76f1a28ecef7d8c439d0
  wifi: mac80211: fix potential key use-after-free - kernel/git/stable/linux.git - Linux kernel stable tree (Patch)
- https://git.kernel.org/stable/c/65c72a7201704574dace708cbc96a8f367b1491d
  wifi: mac80211: fix potential key use-after-free - kernel/git/stable/linux.git - Linux kernel stable tree (Patch)
- https://git.kernel.org/stable/c/2408f491ff998d674707725eadc47d8930aced09
  wifi: mac80211: fix potential key use-after-free - kernel/git/stable/linux.git - Linux kernel stable tree (Patch)
- https://git.kernel.org/stable/c/31db78a4923ef5e2008f2eed321811ca79e7f71b
  wifi: mac80211: fix potential key use-after-free - kernel/git/stable/linux.git - Linux kernel stable tree (Patch)
- https://git.kernel.org/stable/c/e8e599a635066c50ac214c3e10858f1d37e03022
  wifi: mac80211: fix potential key use-after-free - kernel/git/stable/linux.git - Linux kernel stable tree (Patch)
- https://git.kernel.org/stable/c/2f4e16e39e4f5e78248dd9e51276a83203950b36
  wifi: mac80211: fix potential key use-after-free - kernel/git/stable/linux.git - Linux kernel stable tree (Patch)