Fluid Attacks Database

Description

A flaw was found in the Linux kernel's ath11k Wi-Fi driver. This memory leak vulnerability occurs when the ath11k_peer_find() function fails to properly release cryptographic resources. An attacker on the adjacent network with low privileges could exploit this, leading to a gradual reduction in available memory. This can ultimately cause a Denial of Service (DoS) on the affected system.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	linux	=5.10.103-1 \|\| =5.10.103-1~bpo10+1 \|\| =5.10.106-1 \|\| =5.10.113-1 \|\| =5.10.120-1 \|\| =5.10.120-1~bpo10+1 \|\| =5.10.127-1 \|\| =5.10.127-2 \|\| =5.10.127-2~bpo10+1 \|\| =5.10.136-1 \|\| =5.10.140-1 \|\| =5.10.148-1 \|\| =5.10.149-1 \|\| =5.10.149-2 \|\| =5.10.158-1 \|\| =5.10.158-2 \|\| =5.10.162-1 \|\| =5.10.46-4 \|\| =5.10.46-5 \|\| =5.10.70-1 \|\| =5.10.70-1~bpo10+1 \|\| =5.10.84-1 \|\| =5.10.92-1 \|\| =5.10.92-1~bpo10+1 \|\| =5.10.92-2 \|\| >=0 <5.10.178-1	5.10.178-1
debian 14	linux	>=0 <6.1.20-1	6.1.20-1
debian 12	linux	>=0 <6.1.20-1	6.1.20-1
debian 13	linux	>=0 <6.1.20-1	6.1.20-1
rpm rhel8	kernel	<0:4.18.0-513.5.1.el8_9	0:4.18.0-513.5.1.el8_9
rpm rhel9	kernel	<0:5.14.0-362.8.1.el9_3	0:5.14.0-362.8.1.el9_3
rpm rhel8	kernel-rt	-	-
rpm rhel9	kernel-rt	-	-

Aliases

1. CVE-2023-542752. NVD-2023-542753. OSV-DEBIAN-2023-542754. OSV-2023-542755. SECURITY-TRACKER-CVE-2023-54275

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.