PT-2025-13374 · Linux+5 · Linux Kernel+5

Published

2023-11-07

Updated

2025-09-29

CVE-2023-53028

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the reverted commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293.

Description A memory leak issue in the Linux kernel has been resolved. The issue was related to the ieee80211 if add() function. A general protection fault was reported, likely due to a non-canonical address. The issue was identified by syzbot, which reported a null-ptr-deref in a specific range. The vulnerability was exploited in a test environment, causing a crash.

Recommendations As a temporary workaround, consider disabling the ieee80211 if add() function until a patch is available. Update to a version of the Linux kernel that includes the fix for the reverted commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293.

Exploit

Fix

DoS

Memory Leak

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-476

Related Identifiers

ALSA-2025_16880

BDU:2025-06338

CESA-2023_7077

CVE-2023-53028

OPENSUSE-SU-2025_1195-1

RHSA-2023:6583

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_7077

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1195-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1195-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Red Os

Suse

PT-2025-13374 · Linux+5 · Linux Kernel+5

CVE-2023-53028

Weakness Enumeration

Related Identifiers

Affected Products

References · 1337