In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix potential key use-after-free
When ieee80211keylink() is called by ieee80211gtkrekeyadd() but returns 0 due to KRACK protection (identical key reinstall), ieee80211gtkrekeyadd() will still return a pointer into the key, in a potential use-after-free. This normally doesn't happen since it's only called by iwlwifi in case of WoWLAN rekey offload which has its own KRACK protection, but still better to fix, do that by returning an error code and converting that to success on the cfg80211 boundary only, leaving the error for bad callers of ieee80211gtkrekey_add().
{ "vanir_signatures": [ { "id": "CVE-2023-52530-174c6278", "signature_type": "Function", "target": { "file": "net/mac80211/cfg.c", "function": "ieee80211_add_key" }, "signature_version": "v1", "digest": { "length": 2221.0, "function_hash": "86891464116511722275284185434595454763" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@31db78a4923ef5e2008f2eed321811ca79e7f71b" }, { "id": "CVE-2023-52530-19de2e27", "signature_type": "Line", "target": { "file": "net/mac80211/cfg.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "103528202617295981500891340767046725271", "230486372638346561041131764435061653177", "307259679612231564644430983135640917906", "215413419250070812243071673755447225979" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65c72a7201704574dace708cbc96a8f367b1491d" }, { "id": "CVE-2023-52530-2cf1f466", "signature_type": "Line", "target": { "file": "net/mac80211/key.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "28341468675383038261264769132770659100", "24148358879649493565405560310083824859", "246269910920254150786180165170416027572", "234396232201766289081771819427161973858" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8a834eb09bb95c2bf9c76f1a28ecef7d8c439d0" }, { "id": "CVE-2023-52530-3ae22ad8", "signature_type": "Line", "target": { "file": "net/mac80211/cfg.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "276369527520289848905022383084116884118", "300306323499051515379705981738744687602", "261572323721697219419645407279821074271", "59606723919882731420036445205583742140" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8a834eb09bb95c2bf9c76f1a28ecef7d8c439d0" }, { "id": "CVE-2023-52530-48a27fdf", "signature_type": "Function", "target": { "file": "net/mac80211/key.c", "function": "ieee80211_key_link" }, "signature_version": "v1", "digest": { "length": 1668.0, "function_hash": "308538612699998537277667784557146258460" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@31db78a4923ef5e2008f2eed321811ca79e7f71b" }, { "id": "CVE-2023-52530-626e0781", "signature_type": "Line", "target": { "file": "net/mac80211/key.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "28341468675383038261264769132770659100", "24148358879649493565405560310083824859", "246269910920254150786180165170416027572", "234396232201766289081771819427161973858" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2408f491ff998d674707725eadc47d8930aced09" }, { "id": "CVE-2023-52530-6678e904", "signature_type": "Line", "target": { "file": "net/mac80211/key.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "28341468675383038261264769132770659100", "24148358879649493565405560310083824859", "246269910920254150786180165170416027572", "234396232201766289081771819427161973858" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8e599a635066c50ac214c3e10858f1d37e03022" }, { "id": "CVE-2023-52530-7ada2fd4", "signature_type": "Function", "target": { "file": "net/mac80211/key.c", "function": "ieee80211_key_link" }, "signature_version": "v1", "digest": { "length": 1668.0, "function_hash": "308538612699998537277667784557146258460" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f4e16e39e4f5e78248dd9e51276a83203950b36" }, { "id": "CVE-2023-52530-88f3bfa6", "signature_type": "Function", "target": { "file": "net/mac80211/cfg.c", "function": "ieee80211_add_key" }, "signature_version": "v1", "digest": { "length": 2221.0, "function_hash": "86891464116511722275284185434595454763" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65c72a7201704574dace708cbc96a8f367b1491d" }, { "id": "CVE-2023-52530-aa9a60bd", "signature_type": "Function", "target": { "file": "net/mac80211/cfg.c", "function": "ieee80211_add_key" }, "signature_version": "v1", "digest": { "length": 2454.0, "function_hash": "233115064637734745897000715795993112539" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8e599a635066c50ac214c3e10858f1d37e03022" }, { "id": "CVE-2023-52530-adec4471", "signature_type": "Function", "target": { "file": "net/mac80211/key.c", "function": "ieee80211_key_link" }, "signature_version": "v1", "digest": { "length": 1332.0, "function_hash": "272220719318145916190205484820653087692" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2408f491ff998d674707725eadc47d8930aced09" }, { "id": "CVE-2023-52530-bda07151", "signature_type": "Line", "target": { "file": "net/mac80211/cfg.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "276369527520289848905022383084116884118", "300306323499051515379705981738744687602", "261572323721697219419645407279821074271", "59606723919882731420036445205583742140" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2408f491ff998d674707725eadc47d8930aced09" }, { "id": "CVE-2023-52530-c059fc3e", "signature_type": "Function", "target": { "file": "net/mac80211/cfg.c", "function": "ieee80211_add_key" }, "signature_version": "v1", "digest": { "length": 2462.0, "function_hash": "91090509058228900196812928225434805822" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8a834eb09bb95c2bf9c76f1a28ecef7d8c439d0" }, { "id": "CVE-2023-52530-c50b2c4d", "signature_type": "Line", "target": { "file": "net/mac80211/cfg.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "103528202617295981500891340767046725271", "230486372638346561041131764435061653177", "307259679612231564644430983135640917906", "215413419250070812243071673755447225979" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f4e16e39e4f5e78248dd9e51276a83203950b36" }, { "id": "CVE-2023-52530-c62fd915", "signature_type": "Function", "target": { "file": "net/mac80211/key.c", "function": "ieee80211_key_link" }, "signature_version": "v1", "digest": { "length": 1668.0, "function_hash": "308538612699998537277667784557146258460" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65c72a7201704574dace708cbc96a8f367b1491d" }, { "id": "CVE-2023-52530-d35376b2", "signature_type": "Line", "target": { "file": "net/mac80211/key.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "28341468675383038261264769132770659100", "24148358879649493565405560310083824859", "246269910920254150786180165170416027572", "234396232201766289081771819427161973858" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@31db78a4923ef5e2008f2eed321811ca79e7f71b" }, { "id": "CVE-2023-52530-d8b6f06d", "signature_type": "Line", "target": { "file": "net/mac80211/key.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "28341468675383038261264769132770659100", "24148358879649493565405560310083824859", "246269910920254150786180165170416027572", "234396232201766289081771819427161973858" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f4e16e39e4f5e78248dd9e51276a83203950b36" }, { "id": "CVE-2023-52530-df0d2e15", "signature_type": "Function", "target": { "file": "net/mac80211/cfg.c", "function": "ieee80211_add_key" }, "signature_version": "v1", "digest": { "length": 2221.0, "function_hash": "86891464116511722275284185434595454763" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f4e16e39e4f5e78248dd9e51276a83203950b36" }, { "id": "CVE-2023-52530-df528943", "signature_type": "Function", "target": { "file": "net/mac80211/cfg.c", "function": "ieee80211_add_key" }, "signature_version": "v1", "digest": { "length": 2454.0, "function_hash": "233115064637734745897000715795993112539" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2408f491ff998d674707725eadc47d8930aced09" }, { "id": "CVE-2023-52530-e0939f87", "signature_type": "Line", "target": { "file": "net/mac80211/cfg.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "103528202617295981500891340767046725271", "230486372638346561041131764435061653177", "307259679612231564644430983135640917906", "215413419250070812243071673755447225979" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@31db78a4923ef5e2008f2eed321811ca79e7f71b" }, { "id": "CVE-2023-52530-e9626d6d", "signature_type": "Function", "target": { "file": "net/mac80211/key.c", "function": "ieee80211_key_link" }, "signature_version": "v1", "digest": { "length": 1332.0, "function_hash": "272220719318145916190205484820653087692" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8e599a635066c50ac214c3e10858f1d37e03022" }, { "id": "CVE-2023-52530-fbe45c47", "signature_type": "Line", "target": { "file": "net/mac80211/key.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "28341468675383038261264769132770659100", "24148358879649493565405560310083824859", "246269910920254150786180165170416027572", "234396232201766289081771819427161973858" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65c72a7201704574dace708cbc96a8f367b1491d" }, { "id": "CVE-2023-52530-fda0ae80", "signature_type": "Line", "target": { "file": "net/mac80211/cfg.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "276369527520289848905022383084116884118", "300306323499051515379705981738744687602", "261572323721697219419645407279821074271", "59606723919882731420036445205583742140" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8e599a635066c50ac214c3e10858f1d37e03022" }, { "id": "CVE-2023-52530-fe1a0ee9", "signature_type": "Function", "target": { "file": "net/mac80211/key.c", "function": "ieee80211_key_link" }, "signature_version": "v1", "digest": { "length": 1332.0, "function_hash": "272220719318145916190205484820653087692" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8a834eb09bb95c2bf9c76f1a28ecef7d8c439d0" } ] }