CVE-2023-53113

wifi: nl80211: fix NULL-ptr deref in offchan check

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NULL-ptr deref in offchan check If, e.g. in AP mode, the link was already created by userspace
but not activated yet, it has a chandef but the chandef isn't
valid and has no channel. Check for this and ignore this link.

A flaw was found in the cfg80211 module in the Linux kernel. In Access Point (AP) mode, if a wireless link is created by userspace but not yet activated, it may contain an invalid channel definition with no channel. This issue may cause a NULL pointer dereference that results in a denial of service.

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NULL-ptr deref in offchan check If, e.g. in AP mode, the link was already created by userspace but not activated yet, it has a chandef but the chandef isn't valid and has no channel. Check for this and ignore this link.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-05-02 CVE Reserved
2025-05-02 CVE Published
2025-05-04 CVE Updated
2025-07-09 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/7b0a0e3c3a88260b6fcb017e49f198463aa62ed1	Vuln. Introduced
https://git.kernel.org/stable/c/7a53ad13c09150076b7ddde96c2dfc5622c90b45	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/87e80ea4fbc9ce2f2005905fdbcd38baaa47463a	2023-03-22
https://git.kernel.org/stable/c/201a836c2385fdd2b9d0a8e7737bba5b26f1863a	2023-03-22
https://git.kernel.org/stable/c/f624bb6fad23df3270580b4fcef415c6e7bf7705	2023-03-10

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2023-53113	2023-11-14
https://bugzilla.redhat.com/show_bug.cgi?id=2363683	2023-11-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.0 < 6.1.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.0 < 6.1.21"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.0 < 6.2.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.0 < 6.2.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.0 < 6.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.0 < 6.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.19.2 Search vendor "Linux" for product "Linux Kernel" and version "5.19.2"		en		Affected