Medium severity4.3NVD Advisory· Published Nov 3, 2023· Updated May 12, 2026

CVE-2023-47233

Description

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <=6.5.10
Linux/Linux kerneldescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lore.kernel.org/all/20231104054709.716585-1-zyytlz.wz%40163.com/nvdMailing ListPatch
marc.infonvdMailing ListPatch
bugzilla.suse.com/show_bug.cginvdIssue TrackingThird Party Advisory
cert-portal.siemens.com/productcert/html/ssa-265688.htmlnvd
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvd
lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlnvd
lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000