CVE-2023-53575
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-04

Last updated on: 2026-03-21

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWL_SEC_WEP_KEY_OFFSET when needed while verifying key_len size in iwl_mvm_sec_key_add().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-04
Last Modified
2026-03-21
Generated
2026-06-16
AI Q&A
2025-10-04
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53575
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.2 (inc) to 6.4.7 (inc)
intel iwlwifi *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a potential array out of bounds access issue in the Linux kernel's iwlwifi driver. Specifically, it relates to the handling of the key length verification in the function iwl_mvm_sec_key_add(), where the code did not properly account for IWL_SEC_WEP_KEY_OFFSET, potentially leading to accessing memory outside the intended array bounds.

Impact Analysis

The vulnerability could lead to memory corruption or unexpected behavior in the wireless driver, which might be exploited to cause system instability, crashes, or potentially allow an attacker to execute arbitrary code or escalate privileges on the affected system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53575. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart