141 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Wifi: libertas – Fixed a possible reference count leak in ifusbprobe. The function usbgetdev will be called before lbsgetfirmwareasync. This means that the function usbputdev must be called when lbsgetfirmwareasync fails...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: libertas – fixed a memory leak in lbsinitadapter. When kfifoalloc failed in lbsinitadapter, the command buffer was not released. Add freed memory to the processing error path...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: libertas – Fixed some memory leaks in lbsallocatecmdbuffer. In the lbsallocatecmdbuffer function, if the allocation of cmdarrayi.cmdbuf fails, both cmdarray and cmdarrayi.cmdbuf need to be freed. Otherwise, memory leaks wil...
SUSE CVE-2026-43255
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...
EUVD-2026-27814
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...
CVE-2026-43255
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...
CVE-2026-43255
The CVE-2026-43255 entry concerns the Linux kernel component for wireless Libertus (wifi: libertas). The vulnerability arises when usb_tx_block() submits cardp->tx_urb without guaranteeing the previous URB has completed; a second call during active URB state can trigger a warning (“URB submitt...
CVE-2026-43255
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...
CVE-2026-43255
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...
CVE-2026-43255 wifi: libertas: fix WARNING in usb_tx_block
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...
PT-2026-37595
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libertas wifi component where the usb tx block function submits cardp-tx urb without verifying if previous transmissions on that URB USB Request Block have...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the libertas driver failing to ensure that the URB transmission is completed within the usbtxbloc...
wifi: libertas: fix use-after-free in lbs_free_adapter()
...
SUSE CVE-2026-23281
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...
CVE-2026-23281
A flaw was found in the Linux kernel's Marvell Libertas Wi-Fi driver. This vulnerability, a use-after-free, occurs because the system does not properly synchronize the freeing of memory with ongoing timer operations. If a timer attempts to access resources after they have been released, it can le...
EUVD-2026-15203
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...
CVE-2026-23281
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...
CVE-2026-23281
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...
UBUNTU-CVE-2026-23281
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...
CVE-2026-23281 wifi: libertas: fix use-after-free in lbs_free_adapter()
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...