CVE-2023-54029 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO For MLO, we cannot use vif->bss_conf.chandef.chan->band, since that will lead to a NULL-ptr dereference as bss_conf isn't used. However, in case of real MLO, we also need to take both LMACs into account if they exist, since the station might be active on both LMACs at the same time.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/4489aa868bc6343afdaf5ef324af5b1f64962b25
https://git.kernel.org/stable/c/63e2d06adf6b0842132ba89efdf8fada5f7ff1ac
https://git.kernel.org/stable/c/b2bc600cced23762d4e97db8989b18772145604f

History

Wed, 24 Dec 2025 11:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO For MLO, we cannot use vif->bss_conf.chandef.chan->band, since that will lead to a NULL-ptr dereference as bss_conf isn't used. However, in case of real MLO, we also need to take both LMACs into account if they exist, since the station might be active on both LMACs at the same time.
Title		wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/4489aa868bc6343afdaf5ef324af5b1f64962b25 https://git.kernel.org/stable/c/63e2d06adf6b0842132ba89efdf8fada5f7ff1ac https://git.kernel.org/stable/c/b2bc600cced23762d4e97db8989b18772145604f

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T10:55:57.443Z

Updated: 2025-12-24T10:55:57.443Z

Reserved: 2025-12-24T10:53:46.180Z

Link: CVE-2023-54029

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-24T11:15:55.900

Modified: 2025-12-24T11:15:55.900

Link: CVE-2023-54029

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54029", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T10:53:46.180Z", "datePublished": "2025-12-24T10:55:57.443Z", "dateUpdated": "2025-12-24T10:55:57.443Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T10:55:57.443Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO\n\nFor MLO, we cannot use vif->bss_conf.chandef.chan->band, since\nthat will lead to a NULL-ptr dereference as bss_conf isn't used.\nHowever, in case of real MLO, we also need to take both LMACs\ninto account if they exist, since the station might be active\non both LMACs at the same time."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/tx.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "63e2d06adf6b0842132ba89efdf8fada5f7ff1ac", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "4489aa868bc6343afdaf5ef324af5b1f64962b25", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "b2bc600cced23762d4e97db8989b18772145604f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/tx.c"], "versions": [{"version": "6.1.30", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.4", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/63e2d06adf6b0842132ba89efdf8fada5f7ff1ac"}, {"url": "https://git.kernel.org/stable/c/4489aa868bc6343afdaf5ef324af5b1f64962b25"}, {"url": "https://git.kernel.org/stable/c/b2bc600cced23762d4e97db8989b18772145604f"}], "title": "wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO", "x_generator": {"engine": "bippy-1.2.0"}}}}