CVE-2023-53574

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s wifi subsystem, specifically within the rtw88 driver. The issue involves a potential crash and memory leak during driver unloading. This occurs because the TX purge timer and C2H queue are not properly deleted and freed when the driver is unloaded. The fix addresses this by deleting the timer and freeing the queue within the rtw core deinit() function, and by shrinking a critical section to free the COEX queue outside of the TX report lock scope.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

AZL-76770

BDU:2026-04419

CVE-2023-53574

ECHO-AEE0-4D8B-EE0B

SUSE-SU-2025:21040-1

SUSE-SU-2025:21052-1

SUSE-SU-2025:21056-1

SUSE-SU-2025:21064-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4111-1

SUSE-SU-2025:4128-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4135-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4140-1

SUSE-SU-2025:4141-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4188-1

SUSE-SU-2025:4301-1

SUSE-SU-2025:4320-1

SUSE-SU-2026:0090-1

SUSE-SU-2026:0107-1

Affected Products

Debian

Linux Kernel

Suse

Rtw88

CVE-2023-53574

Weakness Enumeration

Related Identifiers

Affected Products

References · 1340