CVE-2023-54036

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak issue within the wifi subsystem, specifically affecting the rtl8xxxu driver when used with RTL8723BU and RTL8192EU wifi + bluetooth combo chips. Connecting to a bluetooth audio device with the RTL8723BU chip can cause memory leaks due to incorrectly freed C2H (card to host) messages. The RTL8192EU chip also experiences memory leaks because C2H messages are added to a queue and remain there indefinitely. The issue was triggered by a commit that enabled rate control, leading to the transmission of C2H messages when the TX rate changes. While the RTL8188FU chip could theoretically be affected, it is unlikely due to infrequent C2H message transmission.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.