Main Vulnerability Database SB20250916174

SB20250916174 - NULL pointer dereference in Linux kernel mt76 mt7996 driver

Published: September 16, 2025 Updated: September 22, 2025

Security Bulletin ID SB20250916174

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2023-53203)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mt7996_mac_write_txwi_80211() and mt7996_mac_write_txwi() functions in drivers/net/wireless/mediatek/mt76/mt7996/mac.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/0765b5b4719f0435bb019370b317d2fb8138eb34
https://git.kernel.org/stable/c/0b8e2d69467f78a7c9d87b452220e87012435e33
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.3
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3