CVE-2023-53321
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-12-10

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require the full 3-address header to avoid accessing invalid memory if shorter frames are passed in.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-12-10
Generated
2026-06-16
AI Q&A
2025-09-16
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53321
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
linux linux_kernel to 5.4.257 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.197 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.133 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.55 (exc)
linux linux_kernel From 6.2 (inc) to 6.5.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the Linux kernel's wifi mac80211_hwsim component improperly handling short frames. Some control frames like ACK are shorter and end after Address 1, but these frames should not be forwarded through wmediumd or similar userspace programs. The vulnerability arises because the code expects a full 3-address header, and if shorter frames are passed in, it can lead to accessing invalid memory.

Impact Analysis

The vulnerability can cause the Linux kernel to access invalid memory when processing certain short wifi control frames, potentially leading to system instability or crashes in the wifi simulation environment. This could affect the reliability of wireless networking components that use mac80211_hwsim and wmediumd.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53321. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart