CVE-2023-52769

wifi: ath12k: fix htt mlo-offset event locking

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues. Compile tested only.

References

Link	Tags
https://git.kernel.org/stable/c/d908ca431e20b0e4bfc5d911d1744910ed779bdb	patch
https://git.kernel.org/stable/c/afd3425bd69610f318403084fe491e24a1357fb9	patch
https://git.kernel.org/stable/c/6afc57ea315e0f660b1f870a681737bb7b71faef	patch

Frequently Asked Questions

What is the severity of CVE-2023-52769?: CVE-2023-52769 has been scored as a high severity vulnerability.
How to fix CVE-2023-52769?: To fix CVE-2023-52769, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52769 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2023-52769 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52769?: CVE-2023-52769 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-416 – Use After Free

References

Frequently Asked Questions