In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: fix htt pktlog locking
The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11kmacgetarbypdevid() was not marked as a read-side critical section.
Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues.
Compile tested only.
{ "vanir_signatures": [ { "signature_version": "v1", "target": { "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f77c7d605b29df277d77e9ee75d96e7ad145d2d", "deprecated": false, "digest": { "line_hashes": [ "95389278621629596384215313158933302211", "9574083129818841273669773028241804798", "275372967746905481960467490589010089909", "329601771325443919373079542431041069327", "238575095252924029310641469065640510070", "197439369294431567233503235835712649812", "310325755242241372355663141209306660596", "199638646474971756095678312113099936583", "19913762626870413706200210682112022599", "126649231392119958632619871243768403584", "129921603265502979222339700808310717098" ], "threshold": 0.9 }, "id": "CVE-2023-52800-09f8e4fc" }, { "signature_version": "v1", "target": { "function": "ath11k_htt_pktlog", "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03ed26935bebf6b6fd8a656490bf3dcc71b72679", "deprecated": false, "digest": { "length": 438.0, "function_hash": "240335981586354395264925792233752771385" }, "id": "CVE-2023-52800-15cc78e7" }, { "signature_version": "v1", "target": { "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@69cede2a5a5f60e3f5602b901b52cb64edd2ea6c", "deprecated": false, "digest": { "line_hashes": [ "95389278621629596384215313158933302211", "9574083129818841273669773028241804798", "275372967746905481960467490589010089909", "329601771325443919373079542431041069327", "238575095252924029310641469065640510070", "197439369294431567233503235835712649812", "310325755242241372355663141209306660596", "199638646474971756095678312113099936583", "19913762626870413706200210682112022599", "126649231392119958632619871243768403584", "129921603265502979222339700808310717098" ], "threshold": 0.9 }, "id": "CVE-2023-52800-36fd76de" }, { "signature_version": "v1", "target": { "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a51e6b4da71fdfa43ec006d6abc020f3e22d14e", "deprecated": false, "digest": { "line_hashes": [ "95389278621629596384215313158933302211", "9574083129818841273669773028241804798", "275372967746905481960467490589010089909", "329601771325443919373079542431041069327", "238575095252924029310641469065640510070", "197439369294431567233503235835712649812", "310325755242241372355663141209306660596", "199638646474971756095678312113099936583", "19913762626870413706200210682112022599", "126649231392119958632619871243768403584", "129921603265502979222339700808310717098" ], "threshold": 0.9 }, "id": "CVE-2023-52800-469d0818" }, { "signature_version": "v1", "target": { "function": "ath11k_htt_pktlog", "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f77c7d605b29df277d77e9ee75d96e7ad145d2d", "deprecated": false, "digest": { "length": 438.0, "function_hash": "240335981586354395264925792233752771385" }, "id": "CVE-2023-52800-4f9a06c2" }, { "signature_version": "v1", "target": { "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03ed26935bebf6b6fd8a656490bf3dcc71b72679", "deprecated": false, "digest": { "line_hashes": [ "95389278621629596384215313158933302211", "9574083129818841273669773028241804798", "275372967746905481960467490589010089909", "329601771325443919373079542431041069327", "238575095252924029310641469065640510070", "197439369294431567233503235835712649812", "310325755242241372355663141209306660596", "199638646474971756095678312113099936583", "19913762626870413706200210682112022599", "126649231392119958632619871243768403584", "129921603265502979222339700808310717098" ], "threshold": 0.9 }, "id": "CVE-2023-52800-69739dce" }, { "signature_version": "v1", "target": { "function": "ath11k_htt_pktlog", "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3199b3fac65c9f103055390b6fd07c5cffa5961", "deprecated": false, "digest": { "length": 438.0, "function_hash": "240335981586354395264925792233752771385" }, "id": "CVE-2023-52800-75aab2ce" }, { "signature_version": "v1", "target": { "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3199b3fac65c9f103055390b6fd07c5cffa5961", "deprecated": false, "digest": { "line_hashes": [ "95389278621629596384215313158933302211", "9574083129818841273669773028241804798", "275372967746905481960467490589010089909", "329601771325443919373079542431041069327", "238575095252924029310641469065640510070", "197439369294431567233503235835712649812", "310325755242241372355663141209306660596", "199638646474971756095678312113099936583", "19913762626870413706200210682112022599", "126649231392119958632619871243768403584", "129921603265502979222339700808310717098" ], "threshold": 0.9 }, "id": "CVE-2023-52800-75d86d8b" }, { "signature_version": "v1", "target": { "function": "ath11k_htt_pktlog", "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@423762f021825b5e57c3d6f01ff96a9ff19cdcd8", "deprecated": false, "digest": { "length": 438.0, "function_hash": "240335981586354395264925792233752771385" }, "id": "CVE-2023-52800-943a1094" }, { "signature_version": "v1", "target": { "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@423762f021825b5e57c3d6f01ff96a9ff19cdcd8", "deprecated": false, "digest": { "line_hashes": [ "95389278621629596384215313158933302211", "9574083129818841273669773028241804798", "275372967746905481960467490589010089909", "329601771325443919373079542431041069327", "238575095252924029310641469065640510070", "197439369294431567233503235835712649812", "310325755242241372355663141209306660596", "199638646474971756095678312113099936583", "19913762626870413706200210682112022599", "126649231392119958632619871243768403584", "129921603265502979222339700808310717098" ], "threshold": 0.9 }, "id": "CVE-2023-52800-95837787" }, { "signature_version": "v1", "target": { "function": "ath11k_htt_pktlog", "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@69cede2a5a5f60e3f5602b901b52cb64edd2ea6c", "deprecated": false, "digest": { "length": 438.0, "function_hash": "240335981586354395264925792233752771385" }, "id": "CVE-2023-52800-b2b04a73" }, { "signature_version": "v1", "target": { "function": "ath11k_htt_pktlog", "file": "drivers/net/wireless/ath/ath11k/dp_rx.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a51e6b4da71fdfa43ec006d6abc020f3e22d14e", "deprecated": false, "digest": { "length": 438.0, "function_hash": "240335981586354395264925792233752771385" }, "id": "CVE-2023-52800-ca9fedf0" } ] }