CVE-2023-53570

EPSS 0.02%
Veröffentlicht 04.10.2025 15:17:11
Zuletzt bearbeitet 06.10.2025 14:56:21
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()

nl80211_parse_mbssid_elems() uses a u8 variable num_elems to count the
number of MBSSID elements in the nested netlink attribute attrs, which can
lead to an integer overflow if a user of the nl80211 interface specifies
256 or more elements in the corresponding attribute in userspace. The
integer overflow can lead to a heap buffer overflow as num_elems determines
the size of the trailing array in elems, and this array is thereafter
written to for each element in attrs.

Note that this vulnerability only affects devices with the
wiphy->mbssid_max_interfaces member set for the wireless physical device
struct in the device driver, and can only be triggered by a process with
CAP_NET_ADMIN capabilities.

Fix this by checking for a maximum of 255 elements in attrs.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < e642eb67b8c10dcce758d549cc81564116e0fa49

Version dc1e3cb8da8b414b37208b2fb6755fef8122504b

Status affected

Version < 7d09f9f255a5f78578deba5454923072bb53b16c

Version dc1e3cb8da8b414b37208b2fb6755fef8122504b

Status affected

Version < 6311071a056272e1e761de8d0305e87cc566f734

Version dc1e3cb8da8b414b37208b2fb6755fef8122504b

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.16

Status affected

Version < 5.16

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.46

Status unaffected

Version <= 6.4.*

Version 6.4.11

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.028

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/e642eb67b8c10dcce758d549cc81564116e0fa49

https://git.kernel.org/stable/c/7d09f9f255a5f78578deba5454923072bb53b16c

https://git.kernel.org/stable/c/6311071a056272e1e761de8d0305e87cc566f734

https://nvd.nist.gov/vuln/detail/CVE-2023-53570

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53570

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53570

EUVD