Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-53257

Опубликовано: 15 сент. 2025
Источник: redhat
CVSS3: 7.5

Описание

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame.

Отчет

Exploitable by an RF-adjacent attacker via malformed 802.11ah (S1G) action frames. No local privileges required. Impact is limited to potential denial-of-service from a kernel crash. Not applicable where 802.11ah/S1G is not in use. Fixed starting from the Red Hat Enterprise Linux 9.4.

Меры по смягчению последствий

To mitigate this issue, prevent module mac80211 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelNot affected
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 9kernelAffected
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2025:1944003.11.2025
Red Hat Enterprise Linux 8kernelFixedRHSA-2025:1944703.11.2025
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportkernelFixedRHSA-2025:2200625.11.2025
Red Hat Enterprise Linux 8.6 Telecommunications Update ServicekernelFixedRHSA-2025:2200625.11.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2395253kernel: wifi: mac80211: check S1G action frame size

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-53257

CVSS3: 7.8
ubuntu
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame.

nvd логотип

CVE-2023-53257

CVSS3: 7.8
nvd
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame.

debian логотип

CVE-2023-53257

CVSS3: 7.8
debian
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: w ...

github логотип

GHSA-5qfv-wj98-fqxv

CVSS3: 7.8
github
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame.

fstec логотип

BDU:2026-02189

CVSS3: 7.8
fstec
больше 2 лет назад

Уязвимость функции ieee80211_rx_h_action() в модуле net/mac80211/rx.c реализации стека mac80211 ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

7.5 High

CVSS3