Vulnerabilities > CVE-2023-7042 - NULL Pointer Dereference vulnerability in Linux Kernel

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-476

NVD

Published: 2023-12-21

Updated: 2024-06-27

Summary

A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel -	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://access.redhat.com/security/cve/CVE-2023-7042
https://bugzilla.redhat.com/show_bug.cgi?id=2255497
https://patchwork.kernel.org/project/linux-wireless/patch/[email protected]/
https://lists.fedoraproject.org/archives/list/[email protected]/message/54PLF5J33IRSLSR4UU6LQSMXX6FI5AOQ/
https://lists.fedoraproject.org/archives/list/[email protected]/message/C25BK2YH5MZ6VNQXKF2NAJBTGXVEPKGC/
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html