PT-2025-54132 · Linux+2 · Linux Kernel+2

Published

2023-04-19

Updated

2026-02-24

CVE-2023-54286

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's iwlwifi component, specifically within the dvm module, related to a memory copy operation. A received TKIP key can be up to 32 bytes, potentially overflowing the iwl keyinfo.key field during the copy process. This can lead to a field-spanning write, as indicated by backtraces. The issue occurs when handling TKIP keys that include MIC rx/tx keys, which are not utilized by iwl but are inadvertently copied, causing the overflow. A check has been added to prevent copying more data to iwl keyinfo.key than it can accommodate.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

BDU:2026-02279

CVE-2023-54286

RHSA-2023:6583

RHSA-2023:7077

SUSE-SU-2026:0263-1

SUSE-SU-2026:0316-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

Affected Products

Centos

Linux Kernel

Red Hat

PT-2025-54132 · Linux+2 · Linux Kernel+2

CVE-2023-54286

Weakness Enumeration

Related Identifiers

Affected Products

References · 1120