CVE-2023-53575

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53575
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53575.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53575
Downstream
Related
Published
2025-10-04T15:17:15.224Z
Modified
2026-02-20T01:35:53.675149Z
Summary
wifi: iwlwifi: mvm: fix potential array out of bounds access
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: fix potential array out of bounds access

Account for IWLSECWEPKEYOFFSET when needed while verifying keylen size in iwlmvmseckey_add().

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53575.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5c75a208c2449c6ea24f07610cc052f6a352246c
Fixed
133b1cd4d98bb8b272335c8e6b0e0c399c0b2ffa
Fixed
637452360ecde9ac972d19416e9606529576b302

Affected versions

v6.*
v6.1
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53575.json"
vanir_signatures 
[
    {
        "id": "CVE-2023-53575-507417e1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@133b1cd4d98bb8b272335c8e6b0e0c399c0b2ffa",
        "target": {
            "file": "drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c"
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "294677524809182683172125718255422456754",
                "7018145108781545964879955971740586335",
                "13816658079663270599972194901046688766",
                "154629654083283835057622426962167159395",
                "238846880730027078823186760804025419816",
                "146885548956683883667186879003022597344",
                "215257554471325299987009551153007117120"
            ],
            "threshold": 0.9
        }
    },
    {
        "id": "CVE-2023-53575-7f8c0e0d",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@133b1cd4d98bb8b272335c8e6b0e0c399c0b2ffa",
        "target": {
            "file": "drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c",
            "function": "iwl_mvm_sec_key_add"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 1570.0,
            "function_hash": "226039143631996581617163054442647841216"
        }
    },
    {
        "id": "CVE-2023-53575-dddcbeb7",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@637452360ecde9ac972d19416e9606529576b302",
        "target": {
            "file": "drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c",
            "function": "iwl_mvm_mld_send_key"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 1468.0,
            "function_hash": "117031222177995132473142729730217318416"
        }
    },
    {
        "id": "CVE-2023-53575-e70d2487",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@637452360ecde9ac972d19416e9606529576b302",
        "target": {
            "file": "drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c"
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "294677524809182683172125718255422456754",
                "7018145108781545964879955971740586335",
                "13816658079663270599972194901046688766",
                "154629654083283835057622426962167159395",
                "238846880730027078823186760804025419816",
                "146885548956683883667186879003022597344",
                "215257554471325299987009551153007117120"
            ],
            "threshold": 0.9
        }
    }
]

Git / github.com/gregkh/linux

Affected ranges

Type
GIT
Repo
https://github.com/gregkh/linux
Events
Introduced
c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
Fixed
4e382c2b468348d6208e5a18dbf1591a18170889

Affected versions

v6.*
v6.2
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53575.json"