Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

017 - Ir a la línea de ayuda en Ciberseguridad    Ir a Agenda     Ir a Sala de prensa     Ir a suscripción de boletines

Ir al buscador

CVE-2023-53232

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
15/09/2025
Última modificación:
15/09/2025

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data<br /> <br /> The MT7921 driver no longer uses eeprom.data, but the relevant code has not<br /> been removed completely since<br /> commit 16d98b548365 ("mt76: mt7921: rely on mcu_get_nic_capability").<br /> This could result in potential invalid memory access.<br /> <br /> To fix the kernel panic issue in mt7921, it is necessary to avoid accessing<br /> unallocated eeprom.data which can lead to invalid memory access.<br /> <br /> Furthermore, it is possible to entirely eliminate the<br /> mt7921_mcu_parse_eeprom function and solely depend on<br /> mt7921_mcu_parse_response to divide the RxD header.<br /> <br /> [2.702735] BUG: kernel NULL pointer dereference, address: 0000000000000550<br /> [2.702740] #PF: supervisor write access in kernel mode<br /> [2.702741] #PF: error_code(0x0002) - not-present page<br /> [2.702743] PGD 0 P4D 0<br /> [2.702747] Oops: 0002 [#1] PREEMPT SMP NOPTI<br /> [2.702755] RIP: 0010:mt7921_mcu_parse_response+0x147/0x170 [mt7921_common]<br /> [2.702758] RSP: 0018:ffffae7c00fef828 EFLAGS: 00010286<br /> [2.702760] RAX: ffffa367f57be024 RBX: ffffa367cc7bf500 RCX: 0000000000000000<br /> [2.702762] RDX: 0000000000000550 RSI: 0000000000000000 RDI: ffffa367cc7bf500<br /> [2.702763] RBP: ffffae7c00fef840 R08: ffffa367cb167000 R09: 0000000000000005<br /> [2.702764] R10: 0000000000000000 R11: ffffffffc04702e4 R12: ffffa367e8329f40<br /> [2.702766] R13: 0000000000000000 R14: 0000000000000001 R15: ffffa367e8329f40<br /> [2.702768] FS: 000079ee6cf20c40(0000) GS:ffffa36b2f940000(0000) knlGS:0000000000000000<br /> [2.702769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br /> [2.702775] CR2: 0000000000000550 CR3: 00000001233c6004 CR4: 0000000000770ee0<br /> [2.702776] PKRU: 55555554<br /> [2.702777] Call Trace:<br /> [2.702782] mt76_mcu_skb_send_and_get_msg+0xc3/0x11e [mt76 ]<br /> [2.702785] mt7921_run_firmware+0x241/0x853 [mt7921_common ]<br /> [2.702789] mt7921e_mcu_init+0x2b/0x56 [mt7921e ]<br /> [2.702792] mt7921_register_device+0x2eb/0x5a5 [mt7921_common ]<br /> [2.702795] ? mt7921_irq_tasklet+0x1d4/0x1d4 [mt7921e ]<br /> [2.702797] mt7921_pci_probe+0x2d6/0x319 [mt7921e ]<br /> [2.702799] pci_device_probe+0x9f/0x12a

Impacto

Referencias a soluciones, herramientas e información