CVE-2023-53232
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53232
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53232.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-53232
- Downstream
- Related
- Published
- 2025-09-15T14:22:04Z
- Modified
- 2025-10-21T16:23:47.075047Z
- Summary
- mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data
The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since commit 16d98b548365 ("mt76: mt7921: rely on mcugetnic_capability"). This could result in potential invalid memory access.
To fix the kernel panic issue in mt7921, it is necessary to avoid accessing unallocated eeprom.data which can lead to invalid memory access.
Furthermore, it is possible to entirely eliminate the mt7921mcuparseeeprom function and solely depend on mt7921mcuparseresponse to divide the RxD header.
[2.702735] BUG: kernel NULL pointer dereference, address: 0000000000000550 [2.702740] #PF: supervisor write access in kernel mode [2.702741] #PF: errorcode(0x0002) - not-present page [2.702743] PGD 0 P4D 0 [2.702747] Oops: 0002 [#1] PREEMPT SMP NOPTI [2.702755] RIP: 0010:mt7921mcuparseresponse+0x147/0x170 [mt7921common] [2.702758] RSP: 0018:ffffae7c00fef828 EFLAGS: 00010286 [2.702760] RAX: ffffa367f57be024 RBX: ffffa367cc7bf500 RCX: 0000000000000000 [2.702762] RDX: 0000000000000550 RSI: 0000000000000000 RDI: ffffa367cc7bf500 [2.702763] RBP: ffffae7c00fef840 R08: ffffa367cb167000 R09: 0000000000000005 [2.702764] R10: 0000000000000000 R11: ffffffffc04702e4 R12: ffffa367e8329f40 [2.702766] R13: 0000000000000000 R14: 0000000000000001 R15: ffffa367e8329f40 [2.702768] FS: 000079ee6cf20c40(0000) GS:ffffa36b2f940000(0000) knlGS:0000000000000000 [2.702769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [2.702775] CR2: 0000000000000550 CR3: 00000001233c6004 CR4: 0000000000770ee0 [2.702776] PKRU: 55555554 [2.702777] Call Trace: [2.702782] mt76mcuskbsendandgetmsg+0xc3/0x11e [mt76 <HASH:1bc4 5>] [2.702785] mt7921runfirmware+0x241/0x853 [mt7921common <HASH:6a2f 6>] [2.702789] mt7921emcuinit+0x2b/0x56 [mt7921e <HASH:d290 7>] [2.702792] mt7921registerdevice+0x2eb/0x5a5 [mt7921common <HASH:6a2f 6>] [2.702795] ? mt7921irqtasklet+0x1d4/0x1d4 [mt7921e <HASH:d290 7>] [2.702797] mt7921pciprobe+0x2d6/0x319 [mt7921e <HASH:d290 7>] [2.702799] pcidevice_probe+0x9f/0x12a
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/11181b6c8641cd417935b76ea997d0169f2db262
- https://git.kernel.org/stable/c/12db28c3ef31f719bd18fa186a40bb152e6a527c
- https://git.kernel.org/stable/c/c8ba6780c65f681d217de79e17d63d5d538a239f
- https://git.kernel.org/stable/c/ec4d97e8eddcfa9f63f2f62adec5fb4f941ba2ef
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced16d98b548365fcd6fc3fe2e1ae73c9e3cc5ee43dFixed11181b6c8641cd417935b76ea997d0169f2db262
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced16d98b548365fcd6fc3fe2e1ae73c9e3cc5ee43dFixedc8ba6780c65f681d217de79e17d63d5d538a239f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced16d98b548365fcd6fc3fe2e1ae73c9e3cc5ee43dFixedec4d97e8eddcfa9f63f2f62adec5fb4f941ba2ef
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced16d98b548365fcd6fc3fe2e1ae73c9e3cc5ee43dFixed12db28c3ef31f719bd18fa186a40bb152e6a527c
Affected versions
v5.*
v5.15
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.10
v6.2.11
v6.2.12
v6.2.13
v6.2.14
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.2.6
v6.2.7
v6.2.8
v6.2.9
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.3.1
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@12db28c3ef31f719bd18fa186a40bb152e6a527c",
"id": "CVE-2023-53232-016c2bdb",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_response",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 1416.0,
"function_hash": "2534116615825519959336679886165505746"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ec4d97e8eddcfa9f63f2f62adec5fb4f941ba2ef",
"id": "CVE-2023-53232-077564c7",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_eeprom",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 301.0,
"function_hash": "53684533153081804435318120298003729108"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c8ba6780c65f681d217de79e17d63d5d538a239f",
"id": "CVE-2023-53232-0e1764e9",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_response",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 1416.0,
"function_hash": "2534116615825519959336679886165505746"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11181b6c8641cd417935b76ea997d0169f2db262",
"id": "CVE-2023-53232-4a4ea7cb",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163782792677485859829269880791810680317",
"168798554350668350402862607318210709310",
"21872942779089910237246803776693512777",
"242269279452236220109347769329501393392",
"90691736552528093348424473605229054335",
"227593812471065461379863199780981583708",
"276984609372017853491027801611008781118",
"176128914944872559383862355630788148139",
"188739703976051139279062710983522845428",
"150406426046400425212682299799945186724",
"17063309443470024809650998199518925331",
"42321912943666458618683897711966373471",
"161078282867866119907254131840475199561",
"115915561135238959552869594228298420168",
"97933493390950717802988145802571462890",
"240461634334694938643121706605317700570",
"219518388426274346485549502758774242637",
"44751243834289056987670052807514586479",
"336330801164030760928012241281318145609",
"329981361429010266445297219374458060975",
"253505945315939069632217407926267668782"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ec4d97e8eddcfa9f63f2f62adec5fb4f941ba2ef",
"id": "CVE-2023-53232-648fb6cb",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_response",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 1416.0,
"function_hash": "2534116615825519959336679886165505746"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c8ba6780c65f681d217de79e17d63d5d538a239f",
"id": "CVE-2023-53232-7e3ff4a2",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_eeprom",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 301.0,
"function_hash": "53684533153081804435318120298003729108"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ec4d97e8eddcfa9f63f2f62adec5fb4f941ba2ef",
"id": "CVE-2023-53232-8e53501a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163782792677485859829269880791810680317",
"168798554350668350402862607318210709310",
"21872942779089910237246803776693512777",
"242269279452236220109347769329501393392",
"90691736552528093348424473605229054335",
"227593812471065461379863199780981583708",
"276984609372017853491027801611008781118",
"176128914944872559383862355630788148139",
"188739703976051139279062710983522845428",
"150406426046400425212682299799945186724",
"17063309443470024809650998199518925331",
"42321912943666458618683897711966373471",
"161078282867866119907254131840475199561",
"115915561135238959552869594228298420168",
"97933493390950717802988145802571462890",
"240461634334694938643121706605317700570",
"219518388426274346485549502758774242637",
"44751243834289056987670052807514586479",
"336330801164030760928012241281318145609",
"329981361429010266445297219374458060975",
"253505945315939069632217407926267668782"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@12db28c3ef31f719bd18fa186a40bb152e6a527c",
"id": "CVE-2023-53232-bd3f44ce",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_eeprom",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 301.0,
"function_hash": "53684533153081804435318120298003729108"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@12db28c3ef31f719bd18fa186a40bb152e6a527c",
"id": "CVE-2023-53232-c6eb8407",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163782792677485859829269880791810680317",
"168798554350668350402862607318210709310",
"21872942779089910237246803776693512777",
"242269279452236220109347769329501393392",
"90691736552528093348424473605229054335",
"227593812471065461379863199780981583708",
"276984609372017853491027801611008781118",
"176128914944872559383862355630788148139",
"188739703976051139279062710983522845428",
"150406426046400425212682299799945186724",
"17063309443470024809650998199518925331",
"42321912943666458618683897711966373471",
"161078282867866119907254131840475199561",
"115915561135238959552869594228298420168",
"97933493390950717802988145802571462890",
"240461634334694938643121706605317700570",
"219518388426274346485549502758774242637",
"44751243834289056987670052807514586479",
"336330801164030760928012241281318145609",
"329981361429010266445297219374458060975",
"253505945315939069632217407926267668782"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11181b6c8641cd417935b76ea997d0169f2db262",
"id": "CVE-2023-53232-d3693bc7",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_response",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 1416.0,
"function_hash": "2534116615825519959336679886165505746"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11181b6c8641cd417935b76ea997d0169f2db262",
"id": "CVE-2023-53232-d44291bd",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "mt7921_mcu_parse_eeprom",
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"length": 301.0,
"function_hash": "53684533153081804435318120298003729108"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c8ba6780c65f681d217de79e17d63d5d538a239f",
"id": "CVE-2023-53232-f58fbe5e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"163782792677485859829269880791810680317",
"168798554350668350402862607318210709310",
"21872942779089910237246803776693512777",
"242269279452236220109347769329501393392",
"90691736552528093348424473605229054335",
"227593812471065461379863199780981583708",
"276984609372017853491027801611008781118",
"176128914944872559383862355630788148139",
"188739703976051139279062710983522845428",
"150406426046400425212682299799945186724",
"17063309443470024809650998199518925331",
"42321912943666458618683897711966373471",
"161078282867866119907254131840475199561",
"115915561135238959552869594228298420168",
"97933493390950717802988145802571462890",
"240461634334694938643121706605317700570",
"219518388426274346485549502758774242637",
"44751243834289056987670052807514586479",
"336330801164030760928012241281318145609",
"329981361429010266445297219374458060975",
"253505945315939069632217407926267668782"
]
},
"signature_type": "Line"
}
]