{"id":"CVE-2023-54286","summary":"wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace\n\nA received TKIP key may be up to 32 bytes because it may contain\nMIC rx/tx keys too. These are not used by iwl and copying these\nover overflows the iwl_keyinfo.key field.\n\nAdd a check to not copy more data to iwl_keyinfo.key then will fit.\n\nThis fixes backtraces like this one:\n\n memcpy: detected field-spanning write (size 32) of single field \"sta_cmd.key.key\" at drivers/net/wireless/intel/iwlwifi/dvm/sta.c:1103 (size 16)\n WARNING: CPU: 1 PID: 946 at drivers/net/wireless/intel/iwlwifi/dvm/sta.c:1103 iwlagn_send_sta_key+0x375/0x390 [iwldvm]\n \u003csnip\u003e\n Hardware name: Dell Inc. Latitude E6430/0H3MT5, BIOS A21 05/08/2017\n RIP: 0010:iwlagn_send_sta_key+0x375/0x390 [iwldvm]\n \u003csnip\u003e\n Call Trace:\n  \u003cTASK\u003e\n  iwl_set_dynamic_key+0x1f0/0x220 [iwldvm]\n  iwlagn_mac_set_key+0x1e4/0x280 [iwldvm]\n  drv_set_key+0xa4/0x1b0 [mac80211]\n  ieee80211_key_enable_hw_accel+0xa8/0x2d0 [mac80211]\n  ieee80211_key_replace+0x22d/0x8e0 [mac80211]\n \u003csnip\u003e","modified":"2026-04-02T09:45:44.749909Z","published":"2025-12-30T12:23:26.421Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0316-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54286.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/3ed3c1c2fc3482b72e755820261779cd2e2c5a3e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/57189c885149825be8eb8c3524b5af017fdeb941"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6cd644f66b43709816561d63e0173cb0c7aab159"},{"type":"WEB","url":"https://git.kernel.org/stable/c/76b5ea43ad2fb4f726ddfaff839430a706e7d7c2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/87940e4030e4705e1f3fd2bbb1854eae8308314b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/91ad1ab3cc7e981cb6d6ee100686baed64e1277e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ef16799640865f937719f0771c93be5dca18adc6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fa57021262e998e2229d6383b1081638df2fe238"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54286.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54286"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5a3d9882b84edf5fa8e8ca33a5d6df25e2e727a5"},{"fixed":"76b5ea43ad2fb4f726ddfaff839430a706e7d7c2"},{"fixed":"3ed3c1c2fc3482b72e755820261779cd2e2c5a3e"},{"fixed":"fa57021262e998e2229d6383b1081638df2fe238"},{"fixed":"91ad1ab3cc7e981cb6d6ee100686baed64e1277e"},{"fixed":"87940e4030e4705e1f3fd2bbb1854eae8308314b"},{"fixed":"57189c885149825be8eb8c3524b5af017fdeb941"},{"fixed":"6cd644f66b43709816561d63e0173cb0c7aab159"},{"fixed":"ef16799640865f937719f0771c93be5dca18adc6"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54286.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.1.0"},{"fixed":"4.14.316"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.284"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.244"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.181"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.113"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.30"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.3.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54286.json"}}],"schema_version":"1.7.5"}