Lucene search
K

1518 matches found

NVD
NVD
added 5 days ago10 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS0.00282EPSS
Exploits0References5
OSV
OSV
added 5 days ago2 views

UBUNTU-CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS5.8AI score0.00282EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

6.5CVSS0.00282EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 5 days ago4 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS5.7AI score0.00282EPSS
Exploits0References5
CVE
CVE
added 5 days ago14 views

CVE-2026-58374

CVE-2026-58374 describes a bounds-check vulnerability in hostapd (before 2.12) where an MLO association request can cause an out-of-bounds write due to parsing a link_id value of 15, while the storage only supports IDs 0–14. This unauthenticated, range-limited attacker could trigger a denial of s...

7.1CVSS5.8AI score0.00282EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40306

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-53877

Name of the Vulnerable Software and Affected Versions hostapd versions 2.11 through 2.11 Description A missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted managemen...

7.1CVSS5.9AI score0.00282EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-53317

A flaw was found in the Linux kernel's Wi-Fi drivers mt76 and mt7921. A remote attacker could exploit this by configuring a Wi-Fi station with an Association ID AID exceeding the expected limit. This malformed AID can cause a firmware crash, leading to a Denial of Service DoS on the affected...

5.5CVSS5.8AI score0.00157EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.6 views

SUSE CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00157EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.5 views

CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

0.00157EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 7:41 p.m.5 views

EUVD-2026-39852

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00157EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 7:10 p.m.8 views

CVE-2026-52979

A flaw was found in the Linux kernel's Platform Security Processor PSP network driver. This vulnerability occurs when creating a device association, where the system fails to properly check if the device has been unregistered. A race condition exists where the device can be unregistered before a...

5.7AI score0.00166EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/24 3:36 p.m.9 views

CVE-2026-52917

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP diagnostics. When performing a socket diagnostic sockdiag lookup, the system may attempt to access memory related to an SCTP association that has already been freed. This can lead to an out-of-bounds read from...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed a stack buffer overflow issue during the parsing of the OnAssocReq IE. The length of the Supported Rates IE from an incoming Association Request frame was directly used as the length for the memcpy...

6.9AI score0.00198EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a NULL pointer dereferencing in sndusbmixercontrolsbadd. In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved using usbifnumtoif. If this call fails, a...

6AI score0.00165EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 8:16 a.m.7 views

CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

7.1CVSS0.00126EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.3 views

UBUNTU-CVE-2026-52924

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

9.8CVSS5.6AI score0.00265EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

5.7AI score0.00126EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.28 views

CVE-2026-52917 sctp: diag: reject stale associations in dump_one path

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

7.1CVSS0.00126EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211 – Reject authentication/association requests to APs using our own address. If the AP uses our own address as its MLD Media Access Point Identifier or BSSID Basic Service Set Identifier, then something is clearly...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References1
Rows per page
Query Builder