First published: Mon Mar 13 2023(Updated: )
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <4.14.315 | 4.14.315 |
redhat/kernel | <4.19.283 | 4.19.283 |
redhat/kernel | <5.4.243 | 5.4.243 |
redhat/kernel | <5.10.180 | 5.10.180 |
redhat/kernel | <5.15.110 | 5.15.110 |
redhat/kernel | <6.1.27 | 6.1.27 |
redhat/kernel | <6.2.14 | 6.2.14 |
Red Hat Enterprise Linux | =8.0 | |
Red Hat Enterprise Linux | =9.0 | |
Linux Kernel | >=3.2.1<4.14.315 | |
Linux Kernel | >=4.19<4.19.283 | |
Linux Kernel | >=5.4<5.4.243 | |
Linux Kernel | >=5.10<5.10.180 | |
Linux Kernel | >=5.15<5.15.110 | |
Linux Kernel | >=6.1<6.1.27 | |
Linux Kernel | >=6.2<6.2.14 | |
Linux Kernel | =6.3 | |
Linux Kernel | =6.3-rc1 | |
Linux Kernel | =6.3-rc2 | |
Linux Kernel | =6.3-rc3 | |
Linux Kernel | =6.3-rc4 | |
Linux Kernel | =6.3-rc5 | |
Linux Kernel | =6.3-rc6 | |
Linux Kernel | =6.3-rc7 | |
NetApp H500e Firmware | ||
NetApp H500e Firmware | ||
NetApp H700S | ||
NetApp H700S | ||
NetApp H410S | ||
NetApp H410S Firmware | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
NetApp H300S Firmware | ||
NetApp H300S Firmware | ||
All of | ||
NetApp H500e Firmware | ||
NetApp H500e Firmware | ||
All of | ||
NetApp H700S | ||
NetApp H700S | ||
All of | ||
NetApp H410S | ||
NetApp H410S Firmware | ||
All of | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
All of | ||
NetApp H300S Firmware | ||
NetApp H300S Firmware | ||
Debian Linux | =10.0 | |
Debian Linux | =11.0 | |
Ubuntu | =14.04 | |
Ubuntu | =16.04 | |
Ubuntu | =18.04 | |
Ubuntu | =20.04 | |
Ubuntu | =22.04 | |
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-1380 is classified as a high severity vulnerability due to its potential to cause a denial of service.
To fix CVE-2023-1380, upgrade to the appropriate kernel version as specified in the vulnerability documentation.
CVE-2023-1380 affects various versions of the Linux Kernel, particularly those prior to specific versions such as 4.14.315 and 5.15.110.
CVE-2023-1380 is a slab-out-of-bounds read vulnerability found in the brcmf_get_assoc_ies function of the Linux Kernel.
While CVE-2023-1380 primarily leads to denial of service, it may also create opportunities for further exploitation in a compromised system.