1518 matches found
CVE-2026-58374
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...
UBUNTU-CVE-2026-58374
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...
CVE-2026-58374
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...
CVE-2026-58374
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...
CVE-2026-58374
CVE-2026-58374 describes a bounds-check vulnerability in hostapd (before 2.12) where an MLO association request can cause an out-of-bounds write due to parsing a link_id value of 15, while the storage only supports IDs 0–14. This unauthenticated, range-limited attacker could trigger a denial of s...
EUVD-2026-40306
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...
PT-2026-53877
Name of the Vulnerable Software and Affected Versions hostapd versions 2.11 through 2.11 Description A missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted managemen...
CVE-2026-53317
A flaw was found in the Linux kernel's Wi-Fi drivers mt76 and mt7921. A remote attacker could exploit this by configuring a Wi-Fi station with an Association ID AID exceeding the expected limit. This malformed AID can cause a firmware crash, leading to a Denial of Service DoS on the affected...
SUSE CVE-2026-53317
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
CVE-2026-53317
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
EUVD-2026-39852
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
CVE-2026-52979
A flaw was found in the Linux kernel's Platform Security Processor PSP network driver. This vulnerability occurs when creating a device association, where the system fails to properly check if the device has been unregistered. A race condition exists where the device can be unregistered before a...
CVE-2026-52917
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP diagnostics. When performing a socket diagnostic sockdiag lookup, the system may attempt to access memory related to an SCTP association that has already been freed. This can lead to an out-of-bounds read from...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed a stack buffer overflow issue during the parsing of the OnAssocReq IE. The length of the Supported Rates IE from an incoming Association Request frame was directly used as the length for the memcpy...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a NULL pointer dereferencing in sndusbmixercontrolsbadd. In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved using usbifnumtoif. If this call fails, a...
CVE-2026-52917
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...
UBUNTU-CVE-2026-52924
In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...
CVE-2026-52917
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...
CVE-2026-52917 sctp: diag: reject stale associations in dump_one path
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211 – Reject authentication/association requests to APs using our own address. If the AP uses our own address as its MLD Media Access Point Identifier or BSSID Basic Service Set Identifier, then something is clearly...