CVE-2023-52800

MEDIUM

Published 2024-05-21T15:31:13.033Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-52800. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

4.4

/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01

0.000

probability

of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25

Exploit Probability

Percentile: 0.124

Higher than 12.4% of all CVEs

Attack Vector Metrics

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath11k: fix htt pktlog locking

The ath11k active pdevs are protected by RCU but the htt pktlog handling
code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a
read-side critical section.

Mark the code in question as an RCU read-side critical section to avoid
any potential use-after-free issues.

Compile tested only.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

d5c65159f2895379e11ca13f62feabe93278985d d5c65159f2895379e11ca13f62feabe93278985d d5c65159f2895379e11ca13f62feabe93278985d d5c65159f2895379e11ca13f62feabe93278985d d5c65159f2895379e11ca13f62feabe93278985d d5c65159f2895379e11ca13f62feabe93278985d

Linux

Affected Versions:

5.6 0 5.10.202 5.15.140 6.1.64 6.5.13 6.6.3 6.7

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-5p99-hcg9-j3m3

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues. Compile tested only.

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-52800

WEB https://git.kernel.org/stable/c/03ed26935bebf6b6fd8a656490bf3dcc71b72679

WEB https://git.kernel.org/stable/c/3a51e6b4da71fdfa43ec006d6abc020f3e22d14e

WEB https://git.kernel.org/stable/c/3f77c7d605b29df277d77e9ee75d96e7ad145d2d

WEB https://git.kernel.org/stable/c/423762f021825b5e57c3d6f01ff96a9ff19cdcd8

WEB https://git.kernel.org/stable/c/69cede2a5a5f60e3f5602b901b52cb64edd2ea6c

WEB https://git.kernel.org/stable/c/e3199b3fac65c9f103055390b6fd07c5cffa5961

Advisory provided by GitHub Security Advisory Database. Published: May 21, 2024, Modified: November 6, 2024

References

https://git.kernel.org/stable/c/03ed26935bebf6b6fd8a656490bf3dcc71b72679

https://git.kernel.org/stable/c/3a51e6b4da71fdfa43ec006d6abc020f3e22d14e

https://git.kernel.org/stable/c/e3199b3fac65c9f103055390b6fd07c5cffa5961

https://git.kernel.org/stable/c/423762f021825b5e57c3d6f01ff96a9ff19cdcd8

https://git.kernel.org/stable/c/69cede2a5a5f60e3f5602b901b52cb64edd2ea6c

https://git.kernel.org/stable/c/3f77c7d605b29df277d77e9ee75d96e7ad145d2d

Published: 2024-05-21T15:31:13.033Z

Last Modified: 2025-05-04T07:43:26.509Z

Copied to clipboard!

CVE-2023-52800

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

Linux

Affected Versions:

Linux

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!