CVE-2023-53721

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-53721
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53721.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53721
Downstream
Related
Published
2025-10-22T13:23:52.699Z
Modified
2025-11-28T05:20:45.017816Z
Summary
wifi: ath12k: Fix a NULL pointer dereference in ath12k_mac_op_hw_scan()
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: Fix a NULL pointer dereference in ath12kmacophwscan()

In ath12kmacophwscan(), the return value of kzalloc() is directly used in memcpy(), which may lead to a NULL pointer dereference on failure of kzalloc().

Fix this bug by adding a check of arg.extraie.ptr.

Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0-03427-QCAHMTSWPLV1.0V2.0_SILICONZ-1.15378.4

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53721.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d889913205cf7ebda905b1e62c5867ed4e39f6c2
Fixed
5a263df398b581189fe632b4ab8440f3dd76c251
Fixed
8ad314da54c6dd223a6b6cc85019160aa842f659

Affected versions

v6.*

v6.1
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.5.1
v6.5.2
v6.5.3
v6.5.4

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ad314da54c6dd223a6b6cc85019160aa842f659",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2023-53721-5ed8aa14",
        "digest": {
            "function_hash": "133023560391040428074557483283852184209",
            "length": 1870.0
        },
        "target": {
            "file": "drivers/net/wireless/ath/ath12k/mac.c",
            "function": "ath12k_mac_op_hw_scan"
        }
    },
    {
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a263df398b581189fe632b4ab8440f3dd76c251",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2023-53721-a2a92090",
        "digest": {
            "line_hashes": [
                "52448726792091396138483193051389064155",
                "211654134562658660262426132574575825017",
                "300525411789807354053296187151314861246",
                "110521751560132410410331664126030252473",
                "241365868741976487606047626047216886214",
                "152346502872429114417228756144662658854",
                "24638502634441471918810140397772100787"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "drivers/net/wireless/ath/ath12k/mac.c"
        }
    },
    {
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ad314da54c6dd223a6b6cc85019160aa842f659",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2023-53721-a633b5ce",
        "digest": {
            "line_hashes": [
                "52448726792091396138483193051389064155",
                "211654134562658660262426132574575825017",
                "300525411789807354053296187151314861246",
                "110521751560132410410331664126030252473",
                "241365868741976487606047626047216886214",
                "152346502872429114417228756144662658854",
                "24638502634441471918810140397772100787"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "drivers/net/wireless/ath/ath12k/mac.c"
        }
    },
    {
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a263df398b581189fe632b4ab8440f3dd76c251",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2023-53721-cc8c3655",
        "digest": {
            "function_hash": "133023560391040428074557483283852184209",
            "length": 1870.0
        },
        "target": {
            "file": "drivers/net/wireless/ath/ath12k/mac.c",
            "function": "ath12k_mac_op_hw_scan"
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.3.0
Fixed
6.5.5