-

CVE-2023-53802

EPSS 0.03%
Veröffentlicht 09.12.2025 00:00:58
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function

It is stated that ath9k_htc_rx_msg() either frees the provided skb or
passes its management to another callback function. However, the skb is
not freed in case there is no another callback function, and Syzkaller was
able to cause a memory leak. Also minor comment fix.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < b11f95f65cc52ee3a756e6f6a88df37a203e25bd

Status affected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < 68171c006c8645a3e0293a6c3e6037c6538ac1c5

Status affected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < 564bc2222bf50eb6cdee715a5431bf4dc9f923c1

Status affected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < ec246dfe006b2a8f36353f7489e4f525114db9a5

Status affected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < c0c0614f143b568cd0e9525d53cf12e5dcd11987

Status affected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < 5a84e51f72580fc70066b03f3dac38421e702a0b

Status affected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < bbfababb4f899fe1556eac195f9774b6fe675fb6

Status affected

Version fb9987d0f748c983bb795a86f47522313f701a08

Version < 9b25e3985477ac3f02eca5fc1e0cc6850a3f7e69

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.35

Status affected

Version 0

Version < 2.6.35

Status unaffected

Version <= 4.14.*

Version 4.14.308

Status unaffected

Version <= 4.19.*

Version 4.19.276

Status unaffected

Version <= 5.4.*

Version 5.4.235

Status unaffected

Version <= 5.10.*

Version 5.10.173

Status unaffected

Version <= 5.15.*

Version 5.15.99

Status unaffected

Version <= 6.1.*

Version 6.1.16

Status unaffected

Version <= 6.2.*

Version 6.2.3

Status unaffected

Version <= *

Version 6.3

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.085

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/b11f95f65cc52ee3a756e6f6a88df37a203e25bd

https://git.kernel.org/stable/c/68171c006c8645a3e0293a6c3e6037c6538ac1c5

https://git.kernel.org/stable/c/564bc2222bf50eb6cdee715a5431bf4dc9f923c1

https://git.kernel.org/stable/c/ec246dfe006b2a8f36353f7489e4f525114db9a5

https://git.kernel.org/stable/c/c0c0614f143b568cd0e9525d53cf12e5dcd11987

https://git.kernel.org/stable/c/5a84e51f72580fc70066b03f3dac38421e702a0b

https://git.kernel.org/stable/c/bbfababb4f899fe1556eac195f9774b6fe675fb6

https://git.kernel.org/stable/c/9b25e3985477ac3f02eca5fc1e0cc6850a3f7e69

https://nvd.nist.gov/vuln/detail/CVE-2023-53802

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53802

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53802

EUVD