{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53565","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-10-04T15:14:15.924Z","datePublished":"2025-10-04T15:17:07.921Z","dateUpdated":"2026-05-11T19:47:25.729Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:47:25.729Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check for probe() id argument being NULL\n\nThe probe() id argument may be NULL in 2 scenarios:\n\n1. brcmf_pcie_pm_leave_D3() calling brcmf_pcie_probe() to reprobe\n   the device.\n\n2. If a user tries to manually bind the driver from sysfs then the sdio /\n   pcie / usb probe() function gets called with NULL as id argument.\n\n1. Is being hit by users causing the following oops on resume and causing\nwifi to stop working:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000018\n<snip>\nHardware name: Dell Inc. XPS 13 9350/0PWNCR, BIDS 1.13.0 02/10/2020\nWorkgueue: events_unbound async_run_entry_fn\nRIP: 0010:brcmf_pcie_probe+Ox16b/0x7a0 [brcmfmac]\n<snip>\nCall Trace:\n <TASK>\n brcmf_pcie_pm_leave_D3+0xc5/8x1a0 [brcmfmac be3b4cefca451e190fa35be8f00db1bbec293887]\n ? pci_pm_resume+0x5b/0xf0\n ? pci_legacy_resume+0x80/0x80\n dpm_run_callback+0x47/0x150\n device_resume+0xa2/0x1f0\n async_resume+0x1d/0x30\n<snip>\n\nFix this by checking for id being NULL.\n\nIn the PCI and USB cases try a manual lookup of the id so that manually\nbinding the driver through sysfs and more importantly brcmf_pcie_probe()\non resume will work.\n\nFor the SDIO case there is no helper to do a manual sdio_device_id lookup,\nso just directly error out on a NULL id there."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c","drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c","drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c"],"versions":[{"version":"da6d9c8ecd00e20218461007948f2b0a8e7fa242","lessThan":"84766e77a5c35e2b60e34f570c62fc97adc05e09","status":"affected","versionType":"git"},{"version":"da6d9c8ecd00e20218461007948f2b0a8e7fa242","lessThan":"60fc756fc8e6954a5618eecac73b255d651602e4","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c","drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c","drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c"],"versions":[{"version":"6.2","status":"affected"},{"version":"0","lessThan":"6.2","status":"unaffected","versionType":"semver"},{"version":"6.3.4","lessThanOrEqual":"6.3.*","status":"unaffected","versionType":"semver"},{"version":"6.4","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.3.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/84766e77a5c35e2b60e34f570c62fc97adc05e09"},{"url":"https://git.kernel.org/stable/c/60fc756fc8e6954a5618eecac73b255d651602e4"}],"title":"wifi: brcmfmac: Check for probe() id argument being NULL","x_generator":{"engine":"bippy-1.2.0"}}}}