PT-2024-14756 · Linux+7 · Linux Kernel+7

Johan Hovold

·

Published

2023-10-25

·

Updated

2025-09-29

·

CVE-2023-52800

CVSS v3.1

4.4

Medium

VectorAV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the wifi: ath11k: fix htt pktlog locking in the Linux kernel. The ath11k active pdevs are protected by RCU, but the htt pktlog handling code calling ath11k mac get ar by pdev id() was not marked as a read-side critical section. This could lead to potential use-after-free issues. The code in question has been marked as an RCU read-side critical section to avoid these issues.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:7000
ALSA-2025_16880
BDU:2025-15330
CESA-2024_7000
CVE-2023-52800
INFSA-2024_7000
OESA-2024-1694
OESA-2024-1706
OPENSUSE-SU-2024_2189-1
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
OPENSUSE-SU-2024_3983-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3985-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4131-1
RHSA-2024:7000
RHSA-2024_7000
SUSE-SU-2024:2008-1
SUSE-SU-2024:2011-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2189-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2902-1
SUSE-SU-2024:2929-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3983-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3985-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4082-1
SUSE-SU-2024:4131-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1

Affected Products

Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse