CVE-2023-52525

wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet

Severity Score

3.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the
buffer is too small, so the driver can still process packets without
rfc1042 headers.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mwifiex: corrige la condición de verificación de oob en mwifiex_process_rx_packet Solo omita la ruta del código al intentar acceder a los encabezados rfc1042 cuando el búfer sea demasiado pequeño, para que el controlador aún pueda procesar paquetes sin encabezados rfc1042 .

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the buffer is too small, so the driver can still process packets without rfc1042 headers.

*Credits: N/A

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Adjacent

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-20 CVE Reserved
2024-03-02 CVE Published
2024-12-19 CVE Updated
2025-03-29 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (16)

URL	Tag	Source
https://git.kernel.org/stable/c/f517c97fc129995de77dd06aa5a74f909ebf568f	Vuln. Introduced
https://git.kernel.org/stable/c/8824aa4ab62c800f75d96f48e1883a5f56ec5869	Vuln. Introduced
https://git.kernel.org/stable/c/29eca8b7863d1d7de6c5b746b374e3487d14f154	Vuln. Introduced
https://git.kernel.org/stable/c/3fe3923d092e22d87d1ed03e2729db444b8c1331	Vuln. Introduced
https://git.kernel.org/stable/c/7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02	Vuln. Introduced
https://git.kernel.org/stable/c/3975e21d4d01efaf0296ded40d11c06589c49245	Vuln. Introduced
https://git.kernel.org/stable/c/650d1bc02fba7b42f476d8b6643324abac5921ed	Vuln. Introduced
https://git.kernel.org/stable/c/a7300e3800e9fd5405e88ce67709c1a97783b9c8	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c	2023-10-10
https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555	2023-10-10
https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e	2023-10-10
https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38	2023-10-10
https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6	2023-10-10
https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99	2023-10-10
https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216	2023-10-10
https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8	2023-09-18

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14.326 < 4.14.327 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14.326 < 4.14.327"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.295 < 4.19.296 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.295 < 4.19.296"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.257 < 5.4.258 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.257 < 5.4.258"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10.195 < 5.10.198 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.195 < 5.10.198"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15.132 < 5.15.135 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.132 < 5.15.135"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.53 < 6.1.57 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.53 < 6.1.57"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.5.3 < 6.5.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.5.3 < 6.5.7"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.4.16 Search vendor "Linux" for product "Linux Kernel" and version "6.4.16"		en		Affected