VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Apr 15, 2026

CVE-2023-54229

CVE-2023-54229

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range

Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register:

WARNING: CPU: 2 PID: 106 at net/wireless/core.c:907 wiphy_register+0x914/0x954 Modules linked in: ath11k_pci sbsa_gwdt CPU: 2 PID: 106 Comm: kworker/u8:5 Not tainted 6.3.0-rc7-next-20230418-00549-g1e096a17625a-dirty #9 Hardware name: Freebox V7R Board (DT) Workqueue: ath11k_qmi_driver_event ath11k_qmi_driver_event_work pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : wiphy_register+0x914/0x954 lr : ieee80211_register_hw+0x67c/0xc10 sp : ffffff800b123aa0 x29: ffffff800b123aa0 x28: 0000000000000000 x27: 0000000000000000 x26: 0000000000000000 x25: 0000000000000006 x24: ffffffc008d51418 x23: ffffffc008cb0838 x22: ffffff80176c2460 x21: 0000000000000168 x20: ffffff80176c0000 x19: ffffff80176c03e0 x18: 0000000000000014 x17: 00000000cbef338c x16: 00000000d2a26f21 x15: 00000000ad6bb85f x14: 0000000000000020 x13: 0000000000000020 x12: 00000000ffffffbd x11: 0000000000000208 x10: 00000000fffffdf7 x9 : ffffffc009394718 x8 : ffffff80176c0528 x7 : 000000007fffffff x6 : 0000000000000006 x5 : 0000000000000005 x4 : ffffff800b304284 x3 : ffffff800b304284 x2 : ffffff800b304d98 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: wiphy_register+0x914/0x954 ieee80211_register_hw+0x67c/0xc10 ath11k_mac_register+0x7c4/0xe10 ath11k_core_qmi_firmware_ready+0x1f4/0x570 ath11k_qmi_driver_event_work+0x198/0x590 process_one_work+0x1b8/0x328 worker_thread+0x6c/0x414 kthread+0x100/0x104 ret_from_fork+0x10/0x20 ---[ end trace 0000000000000000 ]--- ath11k_pci 0002:01:00.0: ieee80211 registration failed: -22 ath11k_pci 0002:01:00.0: failed register the radio with mac80211: -22 ath11k_pci 0002:01:00.0: failed to create pdev core: -22

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A typo in ath11k driver prevents 6GHz-only PHY registration when BDF excludes 7115MHz channel, causing device failure.

Vulnerability

Overview

In the Linux kernel's ath11k wireless driver, a typo in the channel range validation logic causes a 6GHz-only physical device (PHY) to fail registration when its Board Data File (BDF) does not include the 7115 MHz channel. The erroneous conditional statement triggers a WARN_ON and returns -EINVAL from wiphy_register(), preventing the wireless device from being used [1][2].

Exploitation

Conditions

The vulnerability manifests during driver initialization when a 6GHz-only PHY is detected. An attacker must have the ability to influence the BDF loaded onto the device, such as through firmware manipulation or by providing a malicious BDF. The bug is triggered automatically whenever a 6GHz-only PHY's channel list omits the 7115 MHz channel, but the fix is required for any 6GHz-only PHY that does not support that specific channel.

Impact

A successful exploitation leads to a denial of service: the wireless device fails to register with mac80211, rendering it non-functional. The driver reports an error and the device is unavailable for network operations. There is no evidence of memory corruption or privilege escalation.

Mitigation

The fix corrects the typo in the conditional expression. It has been backported to stable kernel trees [1][2]. Users should apply the latest stable kernel updates that include commit f97832620d7f and commit 532f8bac604. No workaround exists other than ensuring the BDF includes all channels or applying the patch.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

5
532f8bac6041
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
f97832620d7f
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
8d1342108c2b
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
32ca096e712a
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
e2ceb1de2f83
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

5

News mentions

0

No linked articles in our index yet.