1. Home
  2. Vulnerabilities
  3. CVE-2023-53717
0.0
NA
CVE-2023-53717
wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()
Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wmi_cmd(). The callback writes to wmi->cmd_rsp_buf, a stack-allocated buffer that could no longer be valid when a timeout occurs. Set wmi->last_seq_id to 0 when a timeout occurred. Found by a modified version of syzkaller. BUG: KASAN: stack-out-of-bounds in ath9k_wmi_ctrl_rx Write of size 4 Call Trace: memcpy ath9k_wmi_ctrl_rx ath9k_htc_rx_msg ath9k_hif_usb_reg_in_cb __usb_hcd_giveback_urb usb_hcd_giveback_urb dummy_timer call_timer_fn run_timer_softirq __do_softirq irq_exit_rcu sysvec_apic_timer_interrupt

INFO

Published Date :

Oct. 22, 2025, 2:15 p.m.

Last Modified :

Oct. 22, 2025, 9:12 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2023-53717 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
Solution
Apply kernel updates to fix stack-out-of-bounds write in WMI response callback.
  • Update the Linux kernel to the latest version.
  • Apply the specific patch for ath9k vulnerability.
  • Recompile and install the patched kernel.
  • Reboot the system to load the new kernel.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-53717.

URL Resource
https://git.kernel.org/stable/c/1af7eacfad45149c54893a8a9df9e92ef89f0a90
https://git.kernel.org/stable/c/554048a72d7ecfdd58cc1bfb56e0a1864e64e82c
https://git.kernel.org/stable/c/78b56b0a613a87b61290b95be497fdfe2fe58aa6
https://git.kernel.org/stable/c/89a33c3c847b19b19205cde1d924df2a6c70d8eb
https://git.kernel.org/stable/c/8a2f35b9830692f7a616f2f627f943bc748af13a
https://git.kernel.org/stable/c/8f28513d9520184059530c01a9f928a1b3809d3f
https://git.kernel.org/stable/c/ae4933b4f17de8e2b7ff6f91b17d3b0099a6d6bc
https://git.kernel.org/stable/c/bf6dc175a2b53098a69db1236d9d53982f4b1bc0
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-53717 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-53717 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-53717 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2023-53717 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Oct. 22, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wmi_cmd(). The callback writes to wmi->cmd_rsp_buf, a stack-allocated buffer that could no longer be valid when a timeout occurs. Set wmi->last_seq_id to 0 when a timeout occurred. Found by a modified version of syzkaller. BUG: KASAN: stack-out-of-bounds in ath9k_wmi_ctrl_rx Write of size 4 Call Trace: memcpy ath9k_wmi_ctrl_rx ath9k_htc_rx_msg ath9k_hif_usb_reg_in_cb __usb_hcd_giveback_urb usb_hcd_giveback_urb dummy_timer call_timer_fn run_timer_softirq __do_softirq irq_exit_rcu sysvec_apic_timer_interrupt
    Added Reference https://git.kernel.org/stable/c/1af7eacfad45149c54893a8a9df9e92ef89f0a90
    Added Reference https://git.kernel.org/stable/c/554048a72d7ecfdd58cc1bfb56e0a1864e64e82c
    Added Reference https://git.kernel.org/stable/c/78b56b0a613a87b61290b95be497fdfe2fe58aa6
    Added Reference https://git.kernel.org/stable/c/89a33c3c847b19b19205cde1d924df2a6c70d8eb
    Added Reference https://git.kernel.org/stable/c/8a2f35b9830692f7a616f2f627f943bc748af13a
    Added Reference https://git.kernel.org/stable/c/8f28513d9520184059530c01a9f928a1b3809d3f
    Added Reference https://git.kernel.org/stable/c/ae4933b4f17de8e2b7ff6f91b17d3b0099a6d6bc
    Added Reference https://git.kernel.org/stable/c/bf6dc175a2b53098a69db1236d9d53982f4b1bc0
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.