CVE-2023-47233

low-risk

Published 2023-11-03

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

Do I need to act?

-

0.02% chance of exploitation

EPSS score — low exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

4

CVSS 4.3/10 Medium

PHYSICAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (12)

Issue Tracking https://bugzilla.suse.com/show_bug.cgi?id=1216702

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f735...

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Mailing List https://lore.kernel.org/all/20231104054709.716585-1-zyytlz.wz%40163.com/

Mailing List https://marc.info/?l=linux-kernel&m=169907678011243&w=2

Issue Tracking https://bugzilla.suse.com/show_bug.cgi?id=1216702

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f735...

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Mailing List https://lore.kernel.org/all/20231104054709.716585-1-zyytlz.wz%40163.com/

Mailing List https://marc.info/?l=linux-kernel&m=169907678011243&w=2

20

/ 100

low-risk

Severity 15/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal