CVE-2023-53715
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2023-53715, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in binary all along, so use that and avoid the hexification. OpenBSD has been doing it like this from the beginning, so this should work on all chips. Also clear the structure before setting the PMK. This was leaking uninitialized stack contents to the device.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-07-06
AI Q&A
2025-10-22
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves the Linux kernel's wifi driver brcmfmac and its handling of the PMK (Pairwise Master Key). Previously, the PMK was passed in hex format, which does not work correctly on newer chips/firmware like BCM4387. The fix changes the mechanism to pass the PMK in binary format instead of hex. Additionally, the structure used to pass the PMK is cleared before setting it, preventing leakage of uninitialized stack contents to the device.

Impact Analysis

The vulnerability could cause improper handling of the PMK on newer wifi chips, potentially leading to connectivity issues or failures in wifi authentication. Moreover, the previous method leaked uninitialized stack contents to the device, which could expose sensitive information or lead to security risks related to information leakage.

Mitigation Strategies

Apply the updated Linux kernel patch that changes the brcmfmac driver to pass the PMK in binary instead of hex and clears the structure before setting the PMK to avoid leaking uninitialized stack contents. This update resolves the issue with newer chips/firmware such as BCM4387.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53715. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart