CVE-2023-52832

CRITICAL EPSS 66.2%
Published May 21, 20242y ago · Modified Jun 17, 20262w ago
9.1 CVSS 3.1
Critical
Find Similar
Published May 21, 2024 2y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5 -2147483648 * 100 cannot be represented in type 'int' CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE Call Trace: dump_stack+0x74/0x92 ubsan_epilogue+0x9/0x50 handle_overflow+0x8d/0xd0 __ubsan_handle_mul_overflow+0xe/0x10 nl80211_send_iface+0x688/0x6b0 [cfg80211] [...] cfg80211_register_wdev+0x78/0xb0 [cfg80211] cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211] [...] ieee80211_if_add+0x60e/0x8f0 [mac80211] ieee80211_register_hw+0xda5/0x1170 [mac80211] In this case, simply return an error instead, to indicate that no data is available.

CVSS Details

Base Score
9.1
Exploitability
3.9
Impact
5.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
66.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-920

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel* <4.14.331
linuxlinux_kernel*≥4.15  –  <4.19.300
linuxlinux_kernel*≥4.20  –  <5.4.262
linuxlinux_kernel*≥5.5  –  <5.10.202
linuxlinux_kernel*≥5.11  –  <5.15.140
linuxlinux_kernel*≥5.16  –  <6.1.64
linuxlinux_kernel*≥6.2  –  <6.5.13
linuxlinux_kernel*≥6.6  –  <6.6.3

References 9

  • git.kernel.org https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18
    Patch