CVE-2023-53554

staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()

Published: 10/4/2025 Last updated: 10/4/2025 Reserved: 10/4/2025

In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user. If it's over IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption.

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Opam packages affected (29)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes ortools_solvers orun rawlink rawlink-eio rawlink-lwt restricted shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
Linux	Linux	< 9.2.0-11289

References (8)

https://git.kernel.org/stable/c/9496fb96ddeb740dc6b966f4a7d8dfb8b93921c6
https://git.kernel.org/stable/c/663fff29fd613e2b0d30c4138157312ba93c4939
https://git.kernel.org/stable/c/5373a1aa91b2298f9305794b8270cf9896be96b6
https://git.kernel.org/stable/c/caac4b6c15b66feae4d83f602e1e46f124540202
https://git.kernel.org/stable/c/baf420e30364ef9efe3e29a5c0e01e612aebf3fe
https://git.kernel.org/stable/c/7ae9f55a495077f838bab466411ee6f38574df9b
https://git.kernel.org/stable/c/b1b04b56745bc79286c80aa876fabfab1e08ebf1
https://git.kernel.org/stable/c/5f1c7031e044cb2fba82836d55cc235e2ad619dc