CVE-2023-53602 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod. Fix it by calling ath11k_fw_stats_free() function before hardware unregister. While at it, avoid calling ath11k_fw_stats_free() while processing the firmware stats received in the WMI event because the local list is getting spliced and reinitialised and hence there are no elements in the list after splicing. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/55248d36beb79d3a61c9fb3122dc377fff523c89
https://git.kernel.org/stable/c/6aafa1c2d3e3fea2ebe84c018003f2a91722e607
https://git.kernel.org/stable/c/86f9330a49d1464849482298dd34d361859183eb

History

Sat, 04 Oct 2025 16:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod. Fix it by calling ath11k_fw_stats_free() function before hardware unregister. While at it, avoid calling ath11k_fw_stats_free() while processing the firmware stats received in the WMI event because the local list is getting spliced and reinitialised and hence there are no elements in the list after splicing. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
Title		wifi: ath11k: fix memory leak in WMI firmware stats
References		https://git.kernel.org/stable/c/55248d36beb79d3a61c9fb3122dc377fff523c89 https://git.kernel.org/stable/c/6aafa1c2d3e3fea2ebe84c018003f2a91722e607 https://git.kernel.org/stable/c/86f9330a49d1464849482298dd34d361859183eb

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-04T15:44:13.155Z

Updated: 2025-10-04T15:44:13.155Z

Reserved: 2025-10-04T15:40:38.479Z

Link: CVE-2023-53602

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-04T16:15:56.830

Modified: 2025-10-04T16:15:56.830

Link: CVE-2023-53602

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53602", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-10-04T15:40:38.479Z", "datePublished": "2025-10-04T15:44:13.155Z", "dateUpdated": "2025-10-04T15:44:13.155Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-04T15:44:13.155Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix memory leak in WMI firmware stats\n\nMemory allocated for firmware pdev, vdev and beacon statistics\nare not released during rmmod.\n\nFix it by calling ath11k_fw_stats_free() function before hardware\nunregister.\n\nWhile at it, avoid calling ath11k_fw_stats_free() while processing\nthe firmware stats received in the WMI event because the local list\nis getting spliced and reinitialised and hence there are no elements\nin the list after splicing.\n\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ath/ath11k/mac.c", "drivers/net/wireless/ath/ath11k/wmi.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "86f9330a49d1464849482298dd34d361859183eb", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "55248d36beb79d3a61c9fb3122dc377fff523c89", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "6aafa1c2d3e3fea2ebe84c018003f2a91722e607", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/ath/ath11k/mac.c", "drivers/net/wireless/ath/ath11k/wmi.c"], "versions": [{"version": "6.1.42", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.7", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.42"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/86f9330a49d1464849482298dd34d361859183eb"}, {"url": "https://git.kernel.org/stable/c/55248d36beb79d3a61c9fb3122dc377fff523c89"}, {"url": "https://git.kernel.org/stable/c/6aafa1c2d3e3fea2ebe84c018003f2a91722e607"}], "title": "wifi: ath11k: fix memory leak in WMI firmware stats", "x_generator": {"engine": "bippy-1.2.0"}}}}