CVE-2023-53321

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211_hwsim: drop short frames

While technically some control frames like ACK are shorter and
end after Address 1, such frames shouldn't be forwarded through
wmediumd or similar userspace, so require the full 3-address
header to avoid accessing invalid memory if shorter frames are
passed in.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
linuxlinux_kernel
𝑥
< 5.4.257
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.197
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.133
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.55
linuxlinux_kernel
6.2 ≤
𝑥
< 6.5.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.237-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.147-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.41-1
fixed
forky
6.16.3-1
fixed
sid
6.16.7-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/3beb97bed860d95b14ad23578ce8ddaea62023db
https://git.kernel.org/stable/c/672205c6f2d11978fcd7f0f336bb2c708e28874b
https://git.kernel.org/stable/c/89a41ed7f21476301659ebd25ccb48a60791c1a7
https://git.kernel.org/stable/c/b9a175e3b250b0dc6e152988040aa5014e98e61e
https://git.kernel.org/stable/c/c64ee9dd335832d5e2ab0a8fc83a34ad4c729799
https://git.kernel.org/stable/c/fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6