CVE-2023-54286

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's iwlwifi component, specifically within the dvm module, related to a memory copy operation. A received TKIP key can be up to 32 bytes, potentially overflowing the iwl keyinfo.key field during the copy process. This can lead to a field-spanning write, as indicated by backtraces. The issue occurs when handling TKIP keys that include MIC rx/tx keys, which are not utilized by iwl but are inadvertently copied, causing the overflow. A check has been added to prevent copying more data to iwl keyinfo.key than it can accommodate.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.