CVE Published: 21/05/2024 |
CVE Updated: 29/11/2024 |
CVE Year: 2023 Source: Linux |
Vendor: Linux |
Product: Linux Status : PUBLISHED
CVE-2023-52827 Description
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()
len is extracted from HTT message and could be an unexpected value in
case errors happen, so add validation before using to avoid possible
out-of-bound read in the following message iteration and parsing.
The same issue also applies to ppdu_info->ppdu_stats.common.num_users,
so validate it before using too.
These are found during code review.
Compile test only.