Improper Input Validation in Linux Kernel's mac80211 Wi-Fi Driver
CVE-2023-53257

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 September 2025

What is CVE-2023-53257?

A vulnerability has been identified within the Wi-Fi driver interface of the Linux kernel involving improper input validation when handling S1G action frames. Specifically, the mac80211 subsystem fails to verify the frame's action code before checking its size. This oversight could potentially allow an attacker to exploit the unvalidated action frame, leading to undefined behavior or system instability. Appropriate checks need to be implemented to ensure the integrity and security of action frames processed by the Wi-Fi driver.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7ae7a1378a119780c8c17a6b5fc03011c3bb7029

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5e030a2509be72b452b6f4a800786d43229414db

References

https://git.kernel.org/stable/c/fedd9377dd9c71a950d432fbe...

https://git.kernel.org/stable/c/7ae7a1378a119780c8c17a6b5...

https://git.kernel.org/stable/c/5e030a2509be72b452b6f4a80...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Sep 15, 2025