CVE-2023-52777

Updated: 2026-02-27 01:43:27.083542

Description:

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath11k: fix gtk offload status event locking

The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section.

Mark the code in question as an RCU read-side critical section to avoid any potential use-after-free issues.

Compile tested only.


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

|  | Severity | Score |
|---|---|---|
| CVSS Version 2.x |  | 0.0 |
| CVSS Version 3.x | HIGH | 7.8 |

Status

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Released | CLSA-2025:1758796886 | 2025-09-25 17:26:20 |  |
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable |  | 2025-09-28 00:17:28 | Not affected: CVE-2023-52777 is confined to the Qualcomm ath11k Wi‑Fi (802.11ax) driver’s GTK of... |
| CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Not Vulnerable |  | 2025-09-16 14:08:32 | CVE-2023-52777 affects the ath11k Wi‑Fi driver’s GTK offload status event handling for Qualcomm ... |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable |  | 2025-12-08 19:04:13 | Not affected. CVE-2023-52777 only impacts the Qualcomm ath11k Wi‑Fi driver’s GTK offload status ... |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable |  | 2026-02-21 22:35:25 | Not affected. CVE-2023-52777 only impacts the Qualcomm ath11k Wi‑Fi driver’s GTK offload status ... |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2026:1770032032 | 2026-02-02 16:30:09 |  |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Ignored |  | 2025-09-23 10:56:28 | Postponed until request or high risk detected |
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Ignored |  | 2025-09-23 10:56:24 | Postponed until request or high risk detected |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable |  | 2025-11-02 11:10:03 | Not affected: CVE-2023-52777 is confined to the Qualcomm ath11k Wi‑Fi (802.11ax) driver’s GTK of... |