PT-2023-1166 · Linux+5 · Linux Kernel+5

Szymon Heidrich

Published

2023-01-10

Updated

2026-02-24

CVE-2023-23559

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 6.1.5

Description The issue is related to an integer overflow in the rndis query oid() function in the drivers/net/wireless/rndis wlan.c file of the Linux kernel. This overflow occurs during an addition operation. Exploitation of this issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For Linux kernel versions through 6.1.5, update to a version newer than 6.1.5 to resolve the issue. As a temporary workaround, consider restricting access to the rndis query oid() function in the drivers/net/wireless/rndis wlan.c file until a patch is available.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-680CWE-190

Related Identifiers

ALT-PU-2023-1064

ALT-PU-2023-1126

ALT-PU-2023-1684

ALT-PU-2023-1741

ALT-PU-2023-1814

ALT-PU-2023-4894

ALT-PU-2023-7007

ALT-PU-2023-7682

ALT-PU-2023-8451

ALT-PU-2024-4263

ALT-PU-2024-4843

AZL-13052

BDU:2023-00380

CVE-2023-23559

DLA-3403-1

DLA-3404-1

MGASA-2023-0087

MGASA-2023-0088

OESA-2023-1053

OESA-2023-1054

OESA-2023-1055

OESA-2023-1056

OPENSUSE-SU-2023_0774-1

OPENSUSE-SU-2024:13339-1

SUSE-SU-2023:0747-1

SUSE-SU-2023:0749-1

SUSE-SU-2023:0749-2

SUSE-SU-2023:0762-1

SUSE-SU-2023:0767-1

SUSE-SU-2023:0768-1

SUSE-SU-2023:0770-1

SUSE-SU-2023:0774-1

SUSE-SU-2023:0778-1

SUSE-SU-2023:0779-1

SUSE-SU-2023:0780-1

SUSE-SU-2023:0852-1

SUSE-SU-2023:1608-1

SUSE-SU-2023:1609-1

SUSE-SU-2023:1710-1

SUSE-SU-2023:2506-1

SUSE-SU-2023:4135-1

SUSE-SU-2023:4136-1

SUSE-SU-2023:4158-1

SUSE-SU-2023:4159-1

SUSE-SU-2023:4160-1

SUSE-SU-2024:0155-1

SUSE-SU-2026:0263-1

SUSE-SU-2026:0316-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0350-1

SUSE-SU-2026:0352-1

SUSE-SU-2026:0369-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

USN-5884-1

USN-5924-1

USN-5926-1

USN-5927-1

USN-5970-1

USN-5975-1

USN-5978-1

USN-5979-1

USN-5980-1

USN-5981-1

USN-5982-1

USN-5984-1

USN-5985-1

USN-5987-1

USN-5991-1

USN-6004-1

USN-6009-1

USN-6020-1

USN-6030-1

USN-6031-1

USN-6032-1

USN-6151-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2023-1166 · Linux+5 · Linux Kernel+5

CVE-2023-23559

Weakness Enumeration

Related Identifiers

Affected Products

References · 1520