CVE-2023-53153 Common Vulnerabilities and Exposures

Upstream information

CVE-2023-53153 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: Fix use after free for wext

Key information in wext.connect is not reset on (re)connect and can hold
data from a previous connection.

Reset key data to avoid that drivers or mac80211 incorrectly detect a
WEP connection request and access the freed or already reused memory.

Additionally optimize cfg80211_sme_connect() and avoid an useless
schedule of conn_work.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 1249877 [NEW]

No SUSE Security Announcements cross referenced.

SUSE Timeline for this CVE

CVE page created: Wed Sep 17 12:14:14 2025
CVE page last modified: Wed Sep 17 12:14:14 2025