CVE-2023-52525 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38
https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555
https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6
https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99
https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c
https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8
https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e
https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216
https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52525-3989@gregkh/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2023-52525
https://www.cve.org/CVERecord?id=CVE-2023-52525

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:4.14.326:::::::* cpe:2.3:o:linux:linux_kernel:4.19.295:::::::* cpe:2.3:o:linux:linux_kernel:5.4.257:::::::*
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 6.0, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H'}`	cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52525", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-20T12:30:33.317Z", "datePublished": "2024-03-02T21:52:31.638Z", "dateUpdated": "2025-05-04T12:49:10.564Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:49:10.564Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet\n\nOnly skip the code path trying to access the rfc1042 headers when the\nbuffer is too small, so the driver can still process packets without\nrfc1042 headers."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/marvell/mwifiex/sta_rx.c"], "versions": [{"version": "f517c97fc129995de77dd06aa5a74f909ebf568f", "lessThan": "71b1d2b57f145c8469aa9346f0fd57bf59b2b89c", "status": "affected", "versionType": "git"}, {"version": "8824aa4ab62c800f75d96f48e1883a5f56ec5869", "lessThan": "16cc18b9080892d1a0200a38e36ae52e464bc555", "status": "affected", "versionType": "git"}, {"version": "29eca8b7863d1d7de6c5b746b374e3487d14f154", "lessThan": "b8e260654a29de872e7cb85387d8ab8974694e8e", "status": "affected", "versionType": "git"}, {"version": "3fe3923d092e22d87d1ed03e2729db444b8c1331", "lessThan": "10a18c8bac7f60d32b7af22da03b66f350beee38", "status": "affected", "versionType": "git"}, {"version": "7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02", "lessThan": "5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6", "status": "affected", "versionType": "git"}, {"version": "3975e21d4d01efaf0296ded40d11c06589c49245", "lessThan": "6b706286473db4fd54b5f869faa67f4a8cb18e99", "status": "affected", "versionType": "git"}, {"version": "650d1bc02fba7b42f476d8b6643324abac5921ed", "lessThan": "be2ff39b1504c5359f4a083c1cfcad21d666e216", "status": "affected", "versionType": "git"}, {"version": "11958528161731c58e105b501ed60b83a91ea941", "lessThan": "aef7a0300047e7b4707ea0411dc9597cba108fc8", "status": "affected", "versionType": "git"}, {"version": "a7300e3800e9fd5405e88ce67709c1a97783b9c8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/marvell/mwifiex/sta_rx.c"], "versions": [{"version": "4.14.326", "lessThan": "4.14.327", "status": "affected", "versionType": "semver"}, {"version": "4.19.295", "lessThan": "4.19.296", "status": "affected", "versionType": "semver"}, {"version": "5.4.257", "lessThan": "5.4.258", "status": "affected", "versionType": "semver"}, {"version": "5.10.195", "lessThan": "5.10.198", "status": "affected", "versionType": "semver"}, {"version": "5.15.132", "lessThan": "5.15.135", "status": "affected", "versionType": "semver"}, {"version": "6.1.53", "lessThan": "6.1.57", "status": "affected", "versionType": "semver"}, {"version": "6.5.3", "lessThan": "6.5.7", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.326", "versionEndExcluding": "4.14.327"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.295", "versionEndExcluding": "4.19.296"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.257", "versionEndExcluding": "5.4.258"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.195", "versionEndExcluding": "5.10.198"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.132", "versionEndExcluding": "5.15.135"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.53", "versionEndExcluding": "6.1.57"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5.3", "versionEndExcluding": "6.5.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c"}, {"url": "https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555"}, {"url": "https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e"}, {"url": "https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38"}, {"url": "https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6"}, {"url": "https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99"}, {"url": "https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216"}, {"url": "https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8"}], "title": "wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52525", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-05T22:09:59.772787Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:22:08.743Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.670Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-52525 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-02-20T12:30:33.317Z (string)

datePublished : 2024-03-02T21:52:31.638Z (string)

dateUpdated : 2025-05-04T12:49:10.564Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T12:49:10.564Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the buffer is too small, so the driver can still process packets without rfc1042 headers. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/net/wireless/marvell/mwifiex/sta_rx.c (string)

]

versions : [ »

0 : { »

version : f517c97fc129995de77dd06aa5a74f909ebf568f (string)

lessThan : 71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 8824aa4ab62c800f75d96f48e1883a5f56ec5869 (string)

lessThan : 16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 29eca8b7863d1d7de6c5b746b374e3487d14f154 (string)

lessThan : b8e260654a29de872e7cb85387d8ab8974694e8e (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 3fe3923d092e22d87d1ed03e2729db444b8c1331 (string)

lessThan : 10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02 (string)

lessThan : 5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 3975e21d4d01efaf0296ded40d11c06589c49245 (string)

lessThan : 6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 650d1bc02fba7b42f476d8b6643324abac5921ed (string)

lessThan : be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 11958528161731c58e105b501ed60b83a91ea941 (string)

lessThan : aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

status : affected (string)

versionType : git (string)

}

8 : { »

version : a7300e3800e9fd5405e88ce67709c1a97783b9c8 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/net/wireless/marvell/mwifiex/sta_rx.c (string)

]

versions : [ »

0 : { »

version : 4.14.326 (string)

lessThan : 4.14.327 (string)

status : affected (string)

versionType : semver (string)

}

1 : { »

version : 4.19.295 (string)

lessThan : 4.19.296 (string)

status : affected (string)

versionType : semver (string)

}

2 : { »

version : 5.4.257 (string)

lessThan : 5.4.258 (string)

status : affected (string)

versionType : semver (string)

}

3 : { »

version : 5.10.195 (string)

lessThan : 5.10.198 (string)

status : affected (string)

versionType : semver (string)

}

4 : { »

version : 5.15.132 (string)

lessThan : 5.15.135 (string)

status : affected (string)

versionType : semver (string)

}

5 : { »

version : 6.1.53 (string)

lessThan : 6.1.57 (string)

status : affected (string)

versionType : semver (string)

}

6 : { »

version : 6.5.3 (string)

lessThan : 6.5.7 (string)

status : affected (string)

versionType : semver (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.14.326 (string)

versionEndExcluding : 4.14.327 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.19.295 (string)

versionEndExcluding : 4.19.296 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.4.257 (string)

versionEndExcluding : 5.4.258 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.10.195 (string)

versionEndExcluding : 5.10.198 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.15.132 (string)

versionEndExcluding : 5.15.135 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.1.53 (string)

versionEndExcluding : 6.1.57 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.5.3 (string)

versionEndExcluding : 6.5.7 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.4.16 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

}

1 : { »

url : https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e (string)

}

3 : { »

url : https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

}

]

title : wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-52525 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-03-05T22:09:59.772787Z (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-07-05T17:22:08.743Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T23:03:20.670Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.670Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52525", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-05T22:09:59.772787Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:41.358Z"}}], "cna": {"title": "wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "f517c97fc129995de77dd06aa5a74f909ebf568f", "lessThan": "71b1d2b57f145c8469aa9346f0fd57bf59b2b89c", "versionType": "git"}, {"status": "affected", "version": "8824aa4ab62c800f75d96f48e1883a5f56ec5869", "lessThan": "16cc18b9080892d1a0200a38e36ae52e464bc555", "versionType": "git"}, {"status": "affected", "version": "29eca8b7863d1d7de6c5b746b374e3487d14f154", "lessThan": "b8e260654a29de872e7cb85387d8ab8974694e8e", "versionType": "git"}, {"status": "affected", "version": "3fe3923d092e22d87d1ed03e2729db444b8c1331", "lessThan": "10a18c8bac7f60d32b7af22da03b66f350beee38", "versionType": "git"}, {"status": "affected", "version": "7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02", "lessThan": "5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6", "versionType": "git"}, {"status": "affected", "version": "3975e21d4d01efaf0296ded40d11c06589c49245", "lessThan": "6b706286473db4fd54b5f869faa67f4a8cb18e99", "versionType": "git"}, {"status": "affected", "version": "650d1bc02fba7b42f476d8b6643324abac5921ed", "lessThan": "be2ff39b1504c5359f4a083c1cfcad21d666e216", "versionType": "git"}, {"status": "affected", "version": "11958528161731c58e105b501ed60b83a91ea941", "lessThan": "aef7a0300047e7b4707ea0411dc9597cba108fc8", "versionType": "git"}, {"status": "affected", "version": "a7300e3800e9fd5405e88ce67709c1a97783b9c8", "versionType": "git"}], "programFiles": ["drivers/net/wireless/marvell/mwifiex/sta_rx.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.14.326", "lessThan": "4.14.327", "versionType": "semver"}, {"status": "affected", "version": "4.19.295", "lessThan": "4.19.296", "versionType": "semver"}, {"status": "affected", "version": "5.4.257", "lessThan": "5.4.258", "versionType": "semver"}, {"status": "affected", "version": "5.10.195", "lessThan": "5.10.198", "versionType": "semver"}, {"status": "affected", "version": "5.15.132", "lessThan": "5.15.135", "versionType": "semver"}, {"status": "affected", "version": "6.1.53", "lessThan": "6.1.57", "versionType": "semver"}, {"status": "affected", "version": "6.5.3", "lessThan": "6.5.7", "versionType": "semver"}], "programFiles": ["drivers/net/wireless/marvell/mwifiex/sta_rx.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c"}, {"url": "https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555"}, {"url": "https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e"}, {"url": "https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38"}, {"url": "https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6"}, {"url": "https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99"}, {"url": "https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216"}, {"url": "https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet\n\nOnly skip the code path trying to access the rfc1042 headers when the\nbuffer is too small, so the driver can still process packets without\nrfc1042 headers."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.327", "versionStartIncluding": "4.14.326"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.296", "versionStartIncluding": "4.19.295"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.258", "versionStartIncluding": "5.4.257"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.198", "versionStartIncluding": "5.10.195"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.135", "versionStartIncluding": "5.15.132"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.57", "versionStartIncluding": "6.1.53"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.5.7", "versionStartIncluding": "6.5.3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "6.4.16"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:49:10.564Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52525", "state": "PUBLISHED", "dateUpdated": "2025-05-04T12:49:10.564Z", "dateReserved": "2024-02-20T12:30:33.317Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-02T21:52:31.638Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T23:03:20.670Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-52525 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-03-05T22:09:59.772787Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-07-05T15:20:41.358Z (string)

}

]

cna : { »

title : wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : f517c97fc129995de77dd06aa5a74f909ebf568f (string)

lessThan : 71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 8824aa4ab62c800f75d96f48e1883a5f56ec5869 (string)

lessThan : 16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 29eca8b7863d1d7de6c5b746b374e3487d14f154 (string)

lessThan : b8e260654a29de872e7cb85387d8ab8974694e8e (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 3fe3923d092e22d87d1ed03e2729db444b8c1331 (string)

lessThan : 10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 7c54b6fc39eb1aac51cf2945f8a25e2a47fdca02 (string)

lessThan : 5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 3975e21d4d01efaf0296ded40d11c06589c49245 (string)

lessThan : 6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 650d1bc02fba7b42f476d8b6643324abac5921ed (string)

lessThan : be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 11958528161731c58e105b501ed60b83a91ea941 (string)

lessThan : aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

versionType : git (string)

}

8 : { »

status : affected (string)

version : a7300e3800e9fd5405e88ce67709c1a97783b9c8 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/net/wireless/marvell/mwifiex/sta_rx.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4.14.326 (string)

lessThan : 4.14.327 (string)

versionType : semver (string)

}

1 : { »

status : affected (string)

version : 4.19.295 (string)

lessThan : 4.19.296 (string)

versionType : semver (string)

}

2 : { »

status : affected (string)

version : 5.4.257 (string)

lessThan : 5.4.258 (string)

versionType : semver (string)

}

3 : { »

status : affected (string)

version : 5.10.195 (string)

lessThan : 5.10.198 (string)

versionType : semver (string)

}

4 : { »

status : affected (string)

version : 5.15.132 (string)

lessThan : 5.15.135 (string)

versionType : semver (string)

}

5 : { »

status : affected (string)

version : 6.1.53 (string)

lessThan : 6.1.57 (string)

versionType : semver (string)

}

6 : { »

status : affected (string)

version : 6.5.3 (string)

lessThan : 6.5.7 (string)

versionType : semver (string)

}

]

programFiles : [ »

0 : drivers/net/wireless/marvell/mwifiex/sta_rx.c (string)

]

defaultStatus : unaffected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

}

1 : { »

url : https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e (string)

}

3 : { »

url : https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the buffer is too small, so the driver can still process packets without rfc1042 headers. (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.14.327 (string)

versionStartIncluding : 4.14.326 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.296 (string)

versionStartIncluding : 4.19.295 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.258 (string)

versionStartIncluding : 5.4.257 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.198 (string)

versionStartIncluding : 5.10.195 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.135 (string)

versionStartIncluding : 5.15.132 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.1.57 (string)

versionStartIncluding : 6.1.53 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.5.7 (string)

versionStartIncluding : 6.5.3 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionStartIncluding : 6.4.16 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T12:49:10.564Z (string)

}

cveMetadata : { »

cveId : CVE-2023-52525 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T12:49:10.564Z (string)

dateReserved : 2024-02-20T12:30:33.317Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-03-02T21:52:31.638Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "473AE17D-E000-42E4-8762-8669D7D816A9", "versionEndExcluding": "5.10.198", "versionStartIncluding": "5.10.195", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "227A22A5-7242-489E-9B0A-D42858962A3D", "versionEndExcluding": "5.15.135", "versionStartIncluding": "5.15.132", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EFECC3D-19B3-431A-B85F-A2926E5DEAD0", "versionEndExcluding": "6.1.57", "versionStartIncluding": "6.1.53", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E413C8D4-78D9-4BA2-AA27-C686E4D65A09", "versionEndExcluding": "6.5.7", "versionStartIncluding": "6.5.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.14.326:*:*:*:*:*:*:*", "matchCriteriaId": "7D69FD12-238F-4D96-8520-4C77E2B6FB85", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.19.295:*:*:*:*:*:*:*", "matchCriteriaId": "67A9EA15-10FD-4821-99DA-139F28267AF1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.4.257:*:*:*:*:*:*:*", "matchCriteriaId": "66DC852D-D687-42FE-B337-455473C3ADFB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet\n\nOnly skip the code path trying to access the rfc1042 headers when the\nbuffer is too small, so the driver can still process packets without\nrfc1042 headers."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mwifiex: corrige la condici\u00f3n de verificaci\u00f3n de oob en mwifiex_process_rx_packet Solo omita la ruta del c\u00f3digo al intentar acceder a los encabezados rfc1042 cuando el b\u00fafer sea demasiado peque\u00f1o, para que el controlador a\u00fan pueda procesar paquetes sin encabezados rfc1042 ."}], "id": "CVE-2023-52525", "lastModified": "2025-01-13T20:04:04.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-02T22:15:48.313", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 473AE17D-E000-42E4-8762-8669D7D816A9 (string)

versionEndExcluding : 5.10.198 (string)

versionStartIncluding : 5.10.195 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 227A22A5-7242-489E-9B0A-D42858962A3D (string)

versionEndExcluding : 5.15.135 (string)

versionStartIncluding : 5.15.132 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9EFECC3D-19B3-431A-B85F-A2926E5DEAD0 (string)

versionEndExcluding : 6.1.57 (string)

versionStartIncluding : 6.1.53 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E413C8D4-78D9-4BA2-AA27-C686E4D65A09 (string)

versionEndExcluding : 6.5.7 (string)

versionStartIncluding : 6.5.3 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:4.14.326:*:*:*:*:*:*:* (string)

matchCriteriaId : 7D69FD12-238F-4D96-8520-4C77E2B6FB85 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:4.19.295:*:*:*:*:*:*:* (string)

matchCriteriaId : 67A9EA15-10FD-4821-99DA-139F28267AF1 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.4.257:*:*:*:*:*:*:* (string)

matchCriteriaId : 66DC852D-D687-42FE-B337-455473C3ADFB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the buffer is too small, so the driver can still process packets without rfc1042 headers. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mwifiex: corrige la condición de verificación de oob en mwifiex_process_rx_packet Solo omita la ruta del código al intentar acceder a los encabezados rfc1042 cuando el búfer sea demasiado pequeño, para que el controlador aún pueda procesar paquetes sin encabezados rfc1042 . (string)

}

]

id : CVE-2023-52525 (string)

lastModified : 2025-01-13T20:04:04.813 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.1 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.2 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-03-02T22:15:48.313 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/10a18c8bac7f60d32b7af22da03b66f350beee38 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/16cc18b9080892d1a0200a38e36ae52e464bc555 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/71b1d2b57f145c8469aa9346f0fd57bf59b2b89c (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b8e260654a29de872e7cb85387d8ab8974694e8e (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-125 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet", "id": "2267792", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267792"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet\nOnly skip the code path trying to access the rfc1042 headers when the\nbuffer is too small, so the driver can still process packets without\nrfc1042 headers.", "An out-of-bounds vulnerability was found in the mwifiex_process_rx_packet() function in the Linux kernel, which occurs from improper boundary checks when accessing the RFC1042 headers in received packets. If the packet buffer is too small, the function skips code paths that handle these headers, which could lead to incorrect packet processing and a potential out-of-bounds access, causing a crash or memory corruption."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-52525", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52525\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52525\nhttps://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52525-3989@gregkh/T/#u"], "statement": "Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability.", "threat_severity": "Moderate"}

{

bugzilla : { »

description : kernel: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (string)

id : 2267792 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2267792 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 6.0 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H (string)

status : draft (string)

}

cwe : CWE-125 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the buffer is too small, so the driver can still process packets without rfc1042 headers. (string)

1 : An out-of-bounds vulnerability was found in the mwifiex_process_rx_packet() function in the Linux kernel, which occurs from improper boundary checks when accessing the RFC1042 headers in received packets. If the packet buffer is too small, the function skips code paths that handle these headers, which could lead to incorrect packet processing and a potential out-of-bounds access, causing a crash or memory corruption. (string)

]

mitigation : { »

lang : en:us (string)

value : Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. (string)

}

name : CVE-2023-52525 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-03-02T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2023-52525 https://nvd.nist.gov/vuln/detail/CVE-2023-52525 https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52525-3989@gregkh/T/#u (string)

]

statement : Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability. (string)

threat_severity : Moderate (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object