Null Pointer Dereference Vulnerability in Linux Kernel's iwlwifi Product
CVE-2023-53251

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 September 2025

What is CVE-2023-53251?

A vulnerability in the Linux kernel's iwlwifi driver allows for a null pointer dereference in the PCIE handling code. This occurs due to conditions where the reception queue (rxq) may incorrectly be assessed as null. Specifically, if the transmission PCIE instance’s rxq is null while processing a certain entry of the queue, the driver could encounter a critical fault, potentially leading to unexpected behavior or system crashes. The fix involves implementing a proper check ensuring that the rxq is validated only if the entry is not empty, thus improving the stability and security of systems utilizing the iwlwifi driver.

Affected Version(s)

Linux abc599efa67bb4138536360e07d677052b19e392 < 3b9de981fe7f1c6e07c7b852421ad69be3d4b6c2

Linux abc599efa67bb4138536360e07d677052b19e392 < 2d690495eb2766d58e25c83676f422219c4fcf18

Linux abc599efa67bb4138536360e07d677052b19e392 < 390e44efcf4d390b5053ad112553155d2d097c73

References

https://git.kernel.org/stable/c/3b9de981fe7f1c6e07c7b8524...

https://git.kernel.org/stable/c/2d690495eb2766d58e25c8367...

https://git.kernel.org/stable/c/390e44efcf4d390b5053ad112...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Sep 15, 2025