Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: htchst: In the ath9khtcrxmsg function, if there is no callback function, the provided skb is not freed. It is stated that ath9khtcrxmsg either frees the provided skb or passes its management to another callback...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Do not allow overwriting of ENDPOINT0 attributes A malicious USB device can construct a service connection response message with the target endpoint being ENDPOINT0, which is reserved for HTCCTRLRSVDSVC and should n...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ath11k: Fixed the issue where the skb was not dropped when an htctxcompletion error occurred. When an htctxcompletion error occurs, the skb is not discarded. This is incorrect because the completionhandler logic expects the sk...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Use skbsetlength to reset urb before resubmitting it. Syzbot points out that skbtrim has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Abort software beacon handling if disabled. A malicious USB device can send an WMISWBAEVENTID event from an ath9khtc-managed device before beaconing is enabled. This causes a device-by-zero error in the driver,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath9k – Fixed a potential array-index-out-of-bounds read in ath9khtctxstatus. The bug occurs when txs-cnt, which is a value from a URB provided by a USB device, is larger than the size of the array txs-txstatus, which is...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Avoid reading uninitialized memory in ath9khtcrxmsg. syzbot reports that the uninitialized value is accessed at ath9khtcrxmsg. For ioctlUSBRAWIOCTLEPWRITE, the function ath9khifusbrxstream may call with pktlen = 0, b...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – added a range check for connrspepid in htcconnectservice. I’ve also found the following bugs in my fuzzer: - UBSAN: Array index out of bounds in drivers/net/wireless/ath/ath9k/htchst.c:26:51. Index 255 is out of ran...

Astra Linux - уязвимость в linux-5.10, linux

A use-after-free flaw was discovered in the Linux kernel’s Atheros wireless adapter driver, where a user can cause the ath9khtcwaitfortarget function to fail with certain input messages. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9k: Fixed a use-after-free in ath9khifusbrxcb. Syzbot reported a use-after-free during the Read operation in ath9khifusbrxcb. The problem stemmed from incorrect initialization of htchandle-drvpriv. A possible call trace tha...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013755 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010851)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010851 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htchst: free skb in ath9khtcrxmsg if there is no callback function It is stated that...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013149 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in...

ROS-20260220-73-0003

A vulnerability in the ath9khtcswba function of the wifi component of the Linux operating system kernel is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

RHEL 9 : kernel (RHSA-2026:2573)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2573 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: ath9khtc...

CVE-2020-36933

CVE-2020-36933 affects HTC IPTInstaller 4.0.9 with an unquoted service path in the PassThru Service configuration. This allows an attacker to exploit the unquoted binary path to inject and run arbitrary code with elevated LocalSystem privileges. Documents consistently describe the root cause as a...

HTC IPTInstaller code-related vulnerabilities

HTC IPTInstaller is a Windows platform tool plugin developed by HTC Corporation in the United States. Version 4.0.9 of HTC IPTInstaller contains a code vulnerability; this vulnerability stems from the service path not being enclosed in quotes, which may allow for the execution of arbitrary code...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003992)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003992 advisory. Memory leaks in drivers/net/wireless/ath/ath9k/htchst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003790 advisory. Memory leaks in drivers/net/wireless/ath/ath9k/htchst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by...