Firmware Resource Deinitialization Flaw in Linux Kernel's Atheros ath11k
CVE-2023-53532
What is CVE-2023-53532?
A vulnerability has been identified in the Atheros ath11k component of the Linux kernel, related to the improper deinitialization of firmware resources. The issue arises during the shutdown process of the ath11k driver, specifically when dealing with chipsets that do not use fixed firmware memory. In such cases, the driver incorrectly attempts to unmap a memory area that was never mapped, leading to a NULL pointer dereference. This flaw can be exploited to cause system instability or crashes, which highlights the need for careful tracking of firmware resource state between initialization and teardown.
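The init/teardown asymmetry described above, as a simplified user-space C model added here for illustration; it is not the ath11k driver's code, and every struct and function name in it is hypothetical. `unmap_region` returns -1 at the point where kernel code would dereference NULL, so the model reports the fault instead of crashing.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified user-space model; every name here is hypothetical. */
struct fw_region { bool mapped; };
struct dev_state {
    bool fixed_fw_mem;         /* chipset uses fixed firmware memory */
    struct fw_region *region;  /* stays NULL when init maps nothing */
};
static struct fw_region fixed_region;

/* Init: only fixed-firmware-memory chipsets get a mapping. */
static void fw_init(struct dev_state *d, bool fixed_fw_mem)
{
    d->fixed_fw_mem = fixed_fw_mem;
    fixed_region.mapped = fixed_fw_mem;
    d->region = fixed_fw_mem ? &fixed_region : NULL;
}

/* Stand-in for the unmap call. Returns -1 where kernel code would
 * dereference NULL, so the model can report the fault. */
static int unmap_region(struct fw_region *r)
{
    if (r == NULL)
        return -1;
    r->mapped = false;
    return 0;
}

/* Flawed teardown: unmaps without asking whether init mapped anything. */
static int fw_deinit_flawed(struct dev_state *d)
{
    return unmap_region(d->region);
}

/* Guarded teardown: repeats the condition that init used. */
static int fw_deinit_guarded(struct dev_state *d)
{
    if (!d->fixed_fw_mem)
        return 0;              /* nothing was mapped, nothing to undo */
    return unmap_region(d->region);
}

int main(void)
{
    struct dev_state d;
    fw_init(&d, false);        /* constructed case: no fixed firmware memory */
    printf("flawed=%d guarded=%d\n", fw_deinit_flawed(&d), fw_deinit_guarded(&d));
    return 0;
}
```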
Affected Version(s)
Linux f9eec4947add999e1251bf14365a48a655b786a4 < 0324300dce3412d4737b4ec5898d0188495a7caa
Linux f9eec4947add999e1251bf14365a48a655b786a4 < 8faf862d81ab197757761e87d0a99fbb96ab2cf0
Linux f9eec4947add999e1251bf14365a48a655b786a4