CVE-2023-53028
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53028
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53028.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53028
- Downstream
- Related
- Published
- 2025-03-27T16:43:57.568Z
- Modified
- 2025-11-30T01:06:06.308111Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Revert "wifi: mac80211: fix memory leak in ieee80211ifadd()"
This reverts commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293.
ieee80211iffree() is already called from freenetdev(ndev) because ndev->privdestructor == ieee80211iffree
syzbot reported:
general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] CPU: 0 PID: 10041 Comm: syz-executor.0 Not tainted 6.2.0-rc2-syzkaller-00388-g55b98837e37d #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 RIP: 0010:pcpugetpagechunk mm/percpu.c:262 [inline] RIP: 0010:pcpuchunkaddrsearch mm/percpu.c:1619 [inline] RIP: 0010:freepercpu mm/percpu.c:2271 [inline] RIP: 0010:freepercpu+0x186/0x10f0 mm/percpu.c:2254 Code: 80 3c 02 00 0f 85 f5 0e 00 00 48 8b 3b 48 01 ef e8 cf b3 0b 00 48 ba 00 00 00 00 00 fc ff df 48 8d 78 20 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 3b 0e 00 00 48 8b 58 20 48 b8 00 00 00 00 00 fc RSP: 0018:ffffc90004ba7068 EFLAGS: 00010002 RAX: 0000000000000000 RBX: ffff88823ffe2b80 RCX: 0000000000000004 RDX: dffffc0000000000 RSI: ffffffff81c1f4e7 RDI: 0000000000000020 RBP: ffffe8fffe8fc220 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000000000000 R11: 1ffffffff2179ab2 R12: ffff8880b983d000 R13: 0000000000000003 R14: 0000607f450fc220 R15: ffff88823ffe2988 FS: 00007fcb349de700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b32220000 CR3: 000000004914f000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> netdevruntodo+0x6bf/0x1100 net/core/dev.c:10352 ieee80211registerhw+0x2663/0x4040 net/mac80211/main.c:1411 mac80211hwsimnewradio+0x2537/0x4d80 drivers/net/wireless/mac80211hwsim.c:4583 hwsimnewradionl+0xa09/0x10f0 drivers/net/wireless/mac80211hwsim.c:5176 genlfamilyrcvmsgdoit.isra.0+0x1e6/0x2d0 net/netlink/genetlink.c:968 genlfamilyrcvmsg net/netlink/genetlink.c:1048 [inline] genlrcvmsg+0x4ff/0x7e0 net/netlink/genetlink.c:1065 netlinkrcvskb+0x165/0x440 net/netlink/afnetlink.c:2564 genlrcv+0x28/0x40 net/netlink/genetlink.c:1076 netlinkunicastkernel net/netlink/afnetlink.c:1330 [inline] netlinkunicast+0x547/0x7f0 net/netlink/afnetlink.c:1356 netlinksendmsg+0x91b/0xe10 net/netlink/afnetlink.c:1932 socksendmsgnosec net/socket.c:714 [inline] socksendmsg+0xd3/0x120 net/socket.c:734 syssendmsg+0x712/0x8c0 net/socket.c:2476 syssendmsg+0x110/0x1b0 net/socket.c:2530 _syssendmsg+0xf7/0x1c0 net/socket.c:2559 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x39/0xb0 arch/x86/entry/common.c:80 entrySYSCALL64afterhwframe+0x63/0xcd
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53028.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/71e5cd1018d345e649e63f74a56c1897f99db7e9
- https://git.kernel.org/stable/c/80f8a66dede0a4b4e9e846765a97809c6fe49ce5
- https://git.kernel.org/stable/c/982c8b1e95c088f5d8f65967ec25be66e961401c
- https://git.kernel.org/stable/c/effecd8d116d3d3a28b4f628e61bba8d318fdfcf
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53028.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53028
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb2c0b94f48373ee743a4d63825a9d52364418837Fixed71e5cd1018d345e649e63f74a56c1897f99db7e9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2e32f1299814e8aa2e75aa58704543a36ea3e201Fixed982c8b1e95c088f5d8f65967ec25be66e961401c
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9a50a7f64243bd21a84353c371f3977b9ffd9fa5Fixedeffecd8d116d3d3a28b4f628e61bba8d318fdfcf
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced13e5afd3d773c6fc6ca2b89027befaaaa1ea7293Fixed80f8a66dede0a4b4e9e846765a97809c6fe49ce5
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected147537737a3c83e07a5295de38424c21d354d2a4