CVE-2025-71297

A flaw was found in the Linux kernel's rtw88 and rtw8822b WiFi drivers. A local user can trigger a kernel warning by invoking the rtw8822bsetantenna function when the WiFi chip is powered off. This improper state handling leads to the driver attempting to read radio frequency RF registers,...

CVE-2025-71297

The provided CVE-2025-71297 stems from the Linux kernel wifi driver stack (rtw88/rtw8822b). The issue occurs when rtw8822b_set_antenna() is invoked from userspace while the wireless chip is powered off, causing rtw8822b_config_trx_mode() to read RF registers and trigger a WARNING. The patch ensur...

ASR Kestrel 缓冲区错误漏洞

ASR Kestrel is a radio frequency communication chip platform developed by ASR Corporation. Versions of ASR Kestrel prior to February 10, 2026, contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds reading in the nrfw module, which could lead to buffer overflows...

net: rfkill: prevent unlimited numbers of rfkill events from being created

...

wireshark: Buffer Over-read in Wireshark

A flaw was found in the RF4CE Profile dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a buffer over-read, resulting in a denial of service...

CVE-2026-27813 EVerest has use-after-free in auth timeout timer via race condition

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to use-after-free. This is triggered by EV plug-in/unplug and RFID/RemoteStart/OCPP authorization events or delayed authorization response. Version 2026.2.0 contains a patch...

RadEar: A Self-Supervised RF Backscatter System for Voice Eavesdropping and Separation

Eavesdropping on voice conversations presents a growing threat to personal privacy and information security. In this paper, we present RadEar, a novel RF backscatter-based system designed to enable covert voice eavesdropping through walls. RadEar consists of two key components: i a batteryless RF...

Radio-Frequency Side-Channel Analysis of a Trapped-Ion Quantum Computer

Analogously to classical computers, quantum processors exhibit side channels that may give attackers access to potentially proprietary algorithms. We identify and exploit a previously unexplored side channel in trapped-ion quantum processors that arises from the radio-frequency RF signals used to...

CVE-2026-3203

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

CVE-2026-3203 Buffer Over-read in Wireshark

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

CVE-2026-3203 Buffer Over-read in Wireshark

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 of Wireshark have security vulnerabilities. These vulnerabilities stem fro...

CVE-2026-2539

The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool e.g., SDR can capture the random number and counters transmitted in cleartext, which is sensitive information required for authentication...

EUVD-2026-5832

The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool e.g., SDR can capture the random number and counters transmitted in cleartext, which is sensitive information required for authentication...

CVE-2026-23167

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nciunregisterdevice. syzbot reported the splat below 0 without a repro. It indicates that struct ncidev.cmdwq had been destroyed before nciclosedevice was called via rfkill. ncidev.cmdwq is...

PT-2026-4631

📱Critical Bluetooth vulnerability CVE-2025-13834 disclosed! This RFCOMM flaw is a "Bluetooth Heartbleed" allowing unauthenticated memory read on 2.8B devices via a single malformed packet. https://t.co/7tYyP9ixpK cybersecurity infosec CVE Bluetooth vulnerability...

CVE-2025-71079

In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfcunregisterdevice and rfkillfopwrite A deadlock can occur between nfcunregisterdevice and rfkillfopwrite due to lock ordering inversion between devicelock and rfkillglobalmutex. The problematic lo...

Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro

Overview Redmi Buds, a series of Bluetooth earbuds produced and sold by Xiaomi, contain an Information Leak vulnerability and a Denial of Service DoS vulnerability in versions 3 Pro through 6 Pro. An attacker within Bluetooth radio range can send specially crafted RFCOMM protocol interactions to...

CVE-2025-65553

D3D Wi-Fi Home Security System ZX-G12 v2.1.17 is susceptible to RF jamming on the 433 MHz alarm sensor channel. An attacker within RF range can transmit continuous interference to block sensor transmissions, resulting in missed alarms and loss of security monitoring. The device lacks jamming...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...