How severe is CVE-2023-52776?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2023-52776?

This is classified as CWE-416, which is a common weakness in software security.

CVE-2023-52776 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dfs-radar and temperature event locking The ath12k active pdevs are protected by RCU but the DFS-radar and temperature event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the code in question as RCU read-side critical sections to avoid any potential use-after-free issues. Note that the temperature event handler looks like a place holder currently but would still trigger an RCU lockdep splat. Compile tested only.

Related Vulnerabilities

CVE-2016-7180

MEDIUM

CVSS:5.9(Medium)

epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial o...

CWE-4162016

CVE-2016-9373

MEDIUM

CVSS:5.9(Medium)

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dce...

CWE-4162016

CVE-2017-12133

MEDIUM

CVSS:5.9(Medium)

Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors rela...

CWE-4162017

CVE-2017-15271

MEDIUM

CVSS:5.9(Medium)

A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically rest...

CWE-4162017

CVE-2018-11412

MEDIUM

CVSS:5.9(Medium)

In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stor...

CWE-4162018

CVE-2020-8649

MEDIUM

CVSS:5.9(Medium)

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.

CWE-4162020