-

CVE-2023-53802

EPSS 0.02%
Veröffentlicht 09.12.2025 00:00:58
Zuletzt bearbeitet 09.12.2025 18:37:13
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function

It is stated that ath9k_htc_rx_msg() either frees the provided skb or
passes its management to another callback function. However, the skb is
not freed in case there is no another callback function, and Syzkaller was
able to cause a memory leak. Also minor comment fix.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < b11f95f65cc52ee3a756e6f6a88df37a203e25bd

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

Version < 68171c006c8645a3e0293a6c3e6037c6538ac1c5

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

Version < 564bc2222bf50eb6cdee715a5431bf4dc9f923c1

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

Version < ec246dfe006b2a8f36353f7489e4f525114db9a5

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

Version < c0c0614f143b568cd0e9525d53cf12e5dcd11987

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

Version < 5a84e51f72580fc70066b03f3dac38421e702a0b

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

Version < bbfababb4f899fe1556eac195f9774b6fe675fb6

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

Version < 9b25e3985477ac3f02eca5fc1e0cc6850a3f7e69

Version fb9987d0f748c983bb795a86f47522313f701a08

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.35

Status affected

Version < 2.6.35

Version 0

Status unaffected

Version <= 4.14.*

Version 4.14.308

Status unaffected

Version <= 4.19.*

Version 4.19.276

Status unaffected

Version <= 5.4.*

Version 5.4.235

Status unaffected

Version <= 5.10.*

Version 5.10.173

Status unaffected

Version <= 5.15.*

Version 5.15.99

Status unaffected

Version <= 6.1.*

Version 6.1.16

Status unaffected

Version <= 6.2.*

Version 6.2.3

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.058

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/b11f95f65cc52ee3a756e6f6a88df37a203e25bd

https://git.kernel.org/stable/c/68171c006c8645a3e0293a6c3e6037c6538ac1c5

https://git.kernel.org/stable/c/564bc2222bf50eb6cdee715a5431bf4dc9f923c1

https://git.kernel.org/stable/c/ec246dfe006b2a8f36353f7489e4f525114db9a5

https://git.kernel.org/stable/c/c0c0614f143b568cd0e9525d53cf12e5dcd11987

https://git.kernel.org/stable/c/5a84e51f72580fc70066b03f3dac38421e702a0b

https://git.kernel.org/stable/c/bbfababb4f899fe1556eac195f9774b6fe675fb6

https://git.kernel.org/stable/c/9b25e3985477ac3f02eca5fc1e0cc6850a3f7e69

https://nvd.nist.gov/vuln/detail/CVE-2023-53802

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53802

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53802

EUVD