DEBIAN-CVE-2023-47233

DEBIAN-CVE-2023-47233 PUBLISHED CVSS 4.300000190734863 MEDIUM

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

Risk Scores

CVSS 3.1

4.300000190734863

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	linux	0, 0, 0
Debian:12	linux	0, *, 6.1.38-1
Debian:14	linux	0, 0, 0
Debian:11	linux	5.10.205-1, 5.10.205-2, 5.10.209-1

Timeline

Nov 3, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-47233 advisory

Open in Interactive Console →