CVE-2023-53199
- Source
- https://cve.org/CVERecord?id=CVE-2023-53199
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53199.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53199
- Downstream
- Related
- Published
- 2025-09-15T14:21:27.451Z
- Modified
- 2026-03-20T12:33:01.046085Z
- Summary
- wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath9k: hifusb: clean up skbs if ath9khifusbrx_stream() fails
Syzkaller detected a memory leak of skbs in ath9khifusbrxstream(). While processing skbs in ath9khifusbrxstream(), the already allocated skbs in skbpool are not freed if ath9khifusbrxstream() fails. If we have an incorrect pktlen or pkttag, the input skb is considered invalid and dropped. All the associated packets already in skbpool should be dropped and freed. Added a comment describing this issue.
The patch also makes remainskb NULL after being processed so that it cannot be referenced after potential free. The initialization of hifdev fields which are associated with remainskb (rxremainlen, rxtransferlen and rxpadlen) is moved after a new remainskb is allocated.
Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53199.json" }- References
-
- https://git.kernel.org/stable/c/0af54343a76263a12dbae7fafb64eb47c4a6ad38
- https://git.kernel.org/stable/c/3fc6401fafde11712a83089fa2cc874cfd10e2cd
- https://git.kernel.org/stable/c/61490d2710277e8a55009b7682456ae22f8087cf
- https://git.kernel.org/stable/c/9acdec72787af1bc8ed92711b52118c8e3e638a2
- https://git.kernel.org/stable/c/c766e37fccd5a5c5059be7efcd9618bf8a2c17c3
- https://git.kernel.org/stable/c/cd8316767099920a5d41feed1afab0c482a43e9f
- https://git.kernel.org/stable/c/f26dd69f61eff2eedf5df2d199bdd23108309947
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53199.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53199
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced44b23b488d44e56d467764ecb661830e5b02b308Fixed3fc6401fafde11712a83089fa2cc874cfd10e2cdFixedcd8316767099920a5d41feed1afab0c482a43e9fFixedf26dd69f61eff2eedf5df2d199bdd23108309947Fixed61490d2710277e8a55009b7682456ae22f8087cfFixed9acdec72787af1bc8ed92711b52118c8e3e638a2Fixedc766e37fccd5a5c5059be7efcd9618bf8a2c17c3Fixed0af54343a76263a12dbae7fafb64eb47c4a6ad38