{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52688", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-07T14:49:46.888Z", "datePublished": "2024-05-17T14:24:49.321Z", "dateUpdated": "2025-05-04T07:41:34.800Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:41:34.800Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix the error handler of rfkill config\n\nWhen the core rfkill config throws error, it should free the\nallocated resources. Currently it is not freeing the core pdev\ncreate resources. Avoid this issue by calling the core pdev\ndestroy in the error handler of core rfkill config.\n\nFound this issue in the code review and it is compile tested only."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ath/ath12k/core.c"], "versions": [{"version": "004ccbc0dd49c63576a4c60a663a38dd3cb6bee5", "lessThan": "b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8", "status": "affected", "versionType": "git"}, {"version": "004ccbc0dd49c63576a4c60a663a38dd3cb6bee5", "lessThan": "898d8b3e1414cd900492ee6a0b582f8095ba4a1a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ath/ath12k/core.c"], "versions": [{"version": "6.7", "status": "affected"}, {"version": "0", "lessThan": "6.7", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.7.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.8"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8"}, {"url": "https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a"}], "title": "wifi: ath12k: fix the error handler of rfkill config", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:35.644Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52688", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:41:59.585007Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:19.126Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:35.644Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52688", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:41:59.585007Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.126Z"}}], "cna": {"title": "wifi: ath12k: fix the error handler of rfkill config", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "004ccbc0dd49c63576a4c60a663a38dd3cb6bee5", "lessThan": "b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8", "versionType": "git"}, {"status": "affected", "version": "004ccbc0dd49c63576a4c60a663a38dd3cb6bee5", "lessThan": "898d8b3e1414cd900492ee6a0b582f8095ba4a1a", "versionType": "git"}], "programFiles": ["drivers/net/wireless/ath/ath12k/core.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.7"}, {"status": "unaffected", "version": "0", "lessThan": "6.7", "versionType": "semver"}, {"status": "unaffected", "version": "6.7.2", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/wireless/ath/ath12k/core.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8"}, {"url": "https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix the error handler of rfkill config\n\nWhen the core rfkill config throws error, it should free the\nallocated resources. Currently it is not freeing the core pdev\ncreate resources. Avoid this issue by calling the core pdev\ndestroy in the error handler of core rfkill config.\n\nFound this issue in the code review and it is compile tested only."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:24:08.874Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52688", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:24:08.874Z", "dateReserved": "2024-03-07T14:49:46.888Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T14:24:49.321Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix the error handler of rfkill config\n\nWhen the core rfkill config throws error, it should free the\nallocated resources. Currently it is not freeing the core pdev\ncreate resources. Avoid this issue by calling the core pdev\ndestroy in the error handler of core rfkill config.\n\nFound this issue in the code review and it is compile tested only."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath12k: corrige el controlador de errores de la configuraci\u00f3n de rfkill Cuando la configuraci\u00f3n principal de rfkill arroja un error, deber\u00eda liberar los recursos asignados. Actualmente no est\u00e1 liberando recursos de creaci\u00f3n de pdev centrales. Evite este problema llamando a core pdev destroy en el controlador de errores de la configuraci\u00f3n core rfkill. Se encontr\u00f3 este problema en la revisi\u00f3n del c\u00f3digo y solo se prob\u00f3 en compilaci\u00f3n."}], "id": "CVE-2023-52688", "lastModified": "2024-11-21T08:40:21.923", "metrics": {}, "published": "2024-05-17T15:15:19.883", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: wifi: ath12k: fix the error handler of rfkill config", "id": "2281307", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281307"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: ath12k: fix the error handler of rfkill config\nWhen the core rfkill config throws error, it should free the\nallocated resources. Currently it is not freeing the core pdev\ncreate resources. Avoid this issue by calling the core pdev\ndestroy in the error handler of core rfkill config.\nFound this issue in the code review and it is compile tested only.", "A vulnerability was found in the ath12k Wi-Fi driver within the Linux kernel. This issue involves an error handler issue in the rfkill configuration, which could potentially disrupt Wi-Fi functionality and error handling processes."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-52688", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52688\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52688\nhttps://lore.kernel.org/linux-cve-announce/2024051753-CVE-2023-52688-4932@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}