-
CVE-2023-54286
- EPSS 0.04%
- Veröffentlicht 30.12.2025 12:23:26
- Zuletzt bearbeitet 31.12.2025 20:42:43
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the iwl_keyinfo.key field. Add a check to not copy more data to iwl_keyinfo.key then will fit. This fixes backtraces like this one: memcpy: detected field-spanning write (size 32) of single field "sta_cmd.key.key" at drivers/net/wireless/intel/iwlwifi/dvm/sta.c:1103 (size 16) WARNING: CPU: 1 PID: 946 at drivers/net/wireless/intel/iwlwifi/dvm/sta.c:1103 iwlagn_send_sta_key+0x375/0x390 [iwldvm] <snip> Hardware name: Dell Inc. Latitude E6430/0H3MT5, BIOS A21 05/08/2017 RIP: 0010:iwlagn_send_sta_key+0x375/0x390 [iwldvm] <snip> Call Trace: <TASK> iwl_set_dynamic_key+0x1f0/0x220 [iwldvm] iwlagn_mac_set_key+0x1e4/0x280 [iwldvm] drv_set_key+0xa4/0x1b0 [mac80211] ieee80211_key_enable_hw_accel+0xa8/0x2d0 [mac80211] ieee80211_key_replace+0x22d/0x8e0 [mac80211] <snip>
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
76b5ea43ad2fb4f726ddfaff839430a706e7d7c2
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
Version <
3ed3c1c2fc3482b72e755820261779cd2e2c5a3e
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
Version <
fa57021262e998e2229d6383b1081638df2fe238
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
Version <
91ad1ab3cc7e981cb6d6ee100686baed64e1277e
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
Version <
87940e4030e4705e1f3fd2bbb1854eae8308314b
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
Version <
57189c885149825be8eb8c3524b5af017fdeb941
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
Version <
6cd644f66b43709816561d63e0173cb0c7aab159
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
Version <
ef16799640865f937719f0771c93be5dca18adc6
Version
5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
3.1
Status
affected
Version <
3.1
Version
0
Status
unaffected
Version <=
4.14.*
Version
4.14.316
Status
unaffected
Version <=
4.19.*
Version
4.19.284
Status
unaffected
Version <=
5.4.*
Version
5.4.244
Status
unaffected
Version <=
5.10.*
Version
5.10.181
Status
unaffected
Version <=
5.15.*
Version
5.15.113
Status
unaffected
Version <=
6.1.*
Version
6.1.30
Status
unaffected
Version <=
6.3.*
Version
6.3.4
Status
unaffected
Version <=
*
Version
6.4
Status
unaffected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.099 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|