CVE-2023-53808 - Vulnerability Details

- wifi: mwifiex: fix memory leak in mwifiex_histogram_read()

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: mwifiex: fix memory leak in mwifiex_histogram_read()

Always free the zeroed page on return from 'mwifiex_histogram_read()'.

Published: 2025-12-09

Score: 7.0 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< d3b53ac2b60283f84bcc650aaa8af98500f37b56
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< 7be90670b967d11f53a9d45bc88fa8ac9daf9709
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< 8f717752f94efae84853e17f2589665c330a0cf5
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< 0c4240d23db525208fd40dd6371ca3254fa1b93d
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< 308eb3a609ac39ca9c3e466b35e8825007c8d826
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< 84081b4baafb49211193c6a056d5aee9c0e6ab8e
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< 5d66b32a6ecf2e2e1a9523eaa4f8b314832fe06c
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< f76e1da838377777557d78dfeb6d8c532f7118be
`cbf6e05527a7654ac1c4f4787dfd7a182fcc0c73`	affected	< 9c8fd72a5c2a031cbc680a2990107ecd958ffcdb

Linux

affected

Version	Status	Constraints
`4.0`	affected	—
`0`	unaffected	< 4.0
`4.14.326`	unaffected	≤ 4.14.*
`4.19.295`	unaffected	≤ 4.19.*
`5.4.257`	unaffected	≤ 5.4.*
`5.10.195`	unaffected	≤ 5.10.*
`5.15.132`	unaffected	≤ 5.15.*
`6.1.53`	unaffected	≤ 6.1.*
`6.4.16`	unaffected	≤ 6.4.*
`6.5.3`	unaffected	≤ 6.5.*
`6.6`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0004.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/0c4240d23db525208fd40dd6371ca3254fa1b93d
https://git.kernel.org/stable/c/308eb3a609ac39ca9c3e466b35e8825007c8d826
https://git.kernel.org/stable/c/5d66b32a6ecf2e2e1a9523eaa4f8b314832fe06c
https://git.kernel.org/stable/c/7be90670b967d11f53a9d45bc88fa8ac9daf9709
https://git.kernel.org/stable/c/84081b4baafb49211193c6a056d5aee9c0e6ab8e
https://git.kernel.org/stable/c/8f717752f94efae84853e17f2589665c330a0cf5
https://git.kernel.org/stable/c/9c8fd72a5c2a031cbc680a2990107ecd958ffcdb
https://git.kernel.org/stable/c/d3b53ac2b60283f84bcc650aaa8af98500f37b56
https://git.kernel.org/stable/c/f76e1da838377777557d78dfeb6d8c532f7118be
https://lore.kernel.org/linux-cve-announce/2025120944-CVE-2023-53808-e169@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53808
https://www.cve.org/CVERecord?id=CVE-2023-53808

History

Wed, 10 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025120944-CVE-2023-53808-e169@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53808 https://www.cve.org/CVERecord?id=CVE-2023-53808
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Tue, 09 Dec 2025 00:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix memory leak in mwifiex_histogram_read() Always free the zeroed page on return from 'mwifiex_histogram_read()'.
Title		wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/0c4240d23db525208fd40dd6371ca3254fa1b93d https://git.kernel.org/stable/c/308eb3a609ac39ca9c3e466b35e8825007c8d826 https://git.kernel.org/stable/c/5d66b32a6ecf2e2e1a9523eaa4f8b314832fe06c https://git.kernel.org/stable/c/7be90670b967d11f53a9d45bc88fa8ac9daf9709 https://git.kernel.org/stable/c/84081b4baafb49211193c6a056d5aee9c0e6ab8e https://git.kernel.org/stable/c/8f717752f94efae84853e17f2589665c330a0cf5 https://git.kernel.org/stable/c/9c8fd72a5c2a031cbc680a2990107ecd958ffcdb https://git.kernel.org/stable/c/d3b53ac2b60283f84bcc650aaa8af98500f37b56 https://git.kernel.org/stable/c/f76e1da838377777557d78dfeb6d8c532f7118be

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-09T00:01:06.210Z

Updated: 2026-05-11T19:51:54.609Z

Reserved: 2025-12-08T23:58:35.276Z

Link: CVE-2023-53808

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-09T01:16:52.807

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-53808

Redhat

Severity : Important

Publid Date: 2025-12-09T00:00:00Z

Links: CVE-2023-53808 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object