Lucene search

RedhatVULNRICHMENT:CVE-2023-7042

HistoryDec 21, 2023 - 8:02 p.m.

CVE-2023-7042 Kernel: null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()

2023-12-2120:02:16

CWE-476

redhat

github.com

cve-2023-7042

ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev

denial of service

linux kernel

drivers/net/wireless/ath

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.

References

access.redhat.com/security/cve/CVE-2023-7042

bugzilla.redhat.com/show_bug.cgi?id=2255497

lists.debian.org/debian-lts-announce/2024/06/msg00017.html

lists.debian.org/debian-lts-announce/2024/06/msg00020.html

lists.fedoraproject.org/archives/list/[email protected]/message/54PLF5J33IRSLSR4UU6LQSMXX6FI5AOQ/

lists.fedoraproject.org/archives/list/[email protected]/message/C25BK2YH5MZ6VNQXKF2NAJBTGXVEPKGC/

patchwork.kernel.org/project/linux-wireless/patch/[email protected]/

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-7042