CVE-2023-53767
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2023-53767, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-08

Last updated on: 2025-12-08

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work() Currently the buffer pointed by event is not freed in case ATH12K_FLAG_UNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event and all the list entries are freed properly. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-08
Last Modified
2025-12-08
Generated
2026-07-06
AI Q&A
2025-12-08
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel *
qualcomm qcn9274 *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a memory leak in the Linux kernel's ath12k WiFi driver. Specifically, when the ATH12K_FLAG_UNREGISTERING bit is set, the buffer pointed to by the event is not freed, causing a memory leak. The fix involves changing a return statement to a goto skip to ensure that the event and all list entries are properly freed.

Impact Analysis

The memory leak caused by this vulnerability can lead to increased memory usage over time, potentially degrading system performance or causing instability in systems using the affected WiFi driver.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53767. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart