Wind River Support Network

HomeDefectsLIN1021-6790
Acknowledged

LIN1021-6790 : Security Advisory - linux - CVE-2023-47233

Created: Nov 5, 2023    Updated: Nov 8, 2023
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

CREATE(Triage):(User=admin) CVE-2023-47233 (https://nvd.nist.gov/vuln/detail/CVE-2023-47233)
Live chat
Online