PT-2025-40682 · Linux+2 · Linux Kernel+2

Published

2025-10-04

·

Updated

2026-05-26

·

CVE-2023-53540

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw within the wifi subsystem, specifically in the cfg80211 component. The issue involves accepting authentication or association requests from an Access Point (AP) that utilizes the device’s own address as its Management Frame Local Destination (MLD) address or Basic Service Set Identifier (BSSID). This behavior indicates a misconfiguration or potential malicious activity. The system rejects these connections to prevent subsequent failures.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

AZL-77399
CVE-2023-53540
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4189-1
SUSE-SU-2025:4301-1

Affected Products

Debian
Linux Kernel
Suse