CVE-2023-53086

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A vulnerability in the Linux kernel has been resolved. The issue is related to the wifi: mt76: connac component, where WED status is not checked for non-mmio devices. This can lead to a crash, as reported in the kernel logs. The vulnerability is related to the mt76 connac mcu add key function and other related functions such as mt7921 set key, drv set key, and ieee80211 key enable hw accel. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. As a temporary workaround, consider disabling the wifi: mt76: connac component until a patch is available. Restrict access to the vulnerable mt76 connac mcu add key function and related functions to minimize the risk of exploitation.