Login Sign Up

CVE-2026-23133

N/A Unknown

📋 TL;DR

This CVE involves a memory management vulnerability in the Linux kernel's ath10k WiFi driver where dma_free_coherent() is called with incorrect pointer values. This could lead to memory corruption or kernel crashes. Systems using affected ath10k WiFi hardware with vulnerable kernel versions are affected.

💻 Affected Systems

Products:
  • Linux kernel with ath10k WiFi driver
Versions: Specific kernel versions containing the vulnerable commit until patched versions
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using Qualcomm Atheros ath10k WiFi hardware/chipsets

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash, potential denial of service, or memory corruption that could be leveraged for privilege escalation.

🟠

Likely Case

System instability, WiFi driver crashes, or kernel panics when the affected memory management code paths are triggered.

🟢

If Mitigated

System remains stable with no impact if the vulnerable code path is not executed or if proper memory protections are in place.

🌐 Internet-Facing: LOW - Requires local access or specific WiFi driver operations to trigger.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the vulnerability through WiFi operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific DMA memory operations in the ath10k driver

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the fix commits (07f363f30579, 1928851334ec, 5d6fa4d2c979, 9282a1e171ad, b0ad924332a9)

Vendor Advisory: https://git.kernel.org/stable/c/07f363f305793baecad41816f73056252f3df61e

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Rebuild kernel if compiling from source. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable ath10k WiFi

all

Temporarily disable the vulnerable ath10k driver to prevent exploitation

sudo modprobe -r ath10k_pci
sudo modprobe -r ath10k_core

🧯 If You Can't Patch

  • Disable WiFi functionality using ath10k hardware
  • Implement strict access controls to limit who can use WiFi interfaces

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if ath10k modules are loaded: lsmod | grep ath10k

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits and ath10k driver loads without errors

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • ath10k driver crash logs
  • DMA allocation/deallocation errors in kernel logs

Network Indicators:

  • Sudden WiFi interface disappearance
  • Intermittent WiFi connectivity

SIEM Query:

kernel: "ath10k" AND ("panic" OR "BUG" OR "Oops" OR "segfault")

📊 Metadata

CVE ID: CVE-2026-23133
CVSS v3 Score: N/A (Unknown)
Published: February 14, 2026
Last Updated: February 18, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON