CVE-2023-52688

Published: May 17, 2024Modified: Sep 19, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix the error handler of rfkill config When the core rfkill config throws error, it should free the allocated resources. Currently it is not freeing the core pdev create resources. Avoid this issue by calling the core pdev destroy in the error handler of core rfkill config. Found this issue in the code review and it is compile tested only.

Affected (1)

Products: Linux: Linux Kernel

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.7 to 6.7.2

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (4)

https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.