CVE-2023-53570

EPSS 0.02%
Veröffentlicht 04.10.2025 15:17:11
Zuletzt bearbeitet 06.02.2026 14:56:28
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()

nl80211_parse_mbssid_elems() uses a u8 variable num_elems to count the
number of MBSSID elements in the nested netlink attribute attrs, which can
lead to an integer overflow if a user of the nl80211 interface specifies
256 or more elements in the corresponding attribute in userspace. The
integer overflow can lead to a heap buffer overflow as num_elems determines
the size of the trailing array in elems, and this array is thereafter
written to for each element in attrs.

Note that this vulnerability only affects devices with the
wiphy->mbssid_max_interfaces member set for the wireless physical device
struct in the device driver, and can only be triggered by a process with
CAP_NET_ADMIN capabilities.

Fix this by checking for a maximum of 255 elements in attrs.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.46

Linux ≫ Linux Kernel Version >= 6.2 < 6.4.11

Linux ≫ Linux Kernel Version6.5 Updaterc1

Linux ≫ Linux Kernel Version6.5 Updaterc2

Linux ≫ Linux Kernel Version6.5 Updaterc3

Linux ≫ Linux Kernel Version6.5 Updaterc4

Linux ≫ Linux Kernel Version6.5 Updaterc5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.053

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/e642eb67b8c10dcce758d549cc81564116e0fa49

Patch

https://git.kernel.org/stable/c/7d09f9f255a5f78578deba5454923072bb53b16c

Patch

https://git.kernel.org/stable/c/6311071a056272e1e761de8d0305e87cc566f734

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-53570

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53570

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53570

EUVD