CVE-2026-46152

A flaw was found in the Linux kernel's Wi-Fi mac80211 subsystem. The ieee80211invokefastrx function uses a static variable for rxresult, which is shared across concurrent calls. This can lead to incorrect processing of Wi-Fi packets, where a packet might be mishandled or its status incorrectly...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: cfg80211: Values of NL80211ATTRTXQQUANTUM are restricted. syzbot can trigger soft lockups by setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq; it was fixed in the commit d9e15a273306 “pktsched: fq: ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not finalize the CSA in IBSS mode if the state is disconnected When we are not connected to a channel, sending the “switch” announcement doesn’t make any sense. In that case, the BSS list is empty. This causes...

USN-8277-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: wifi: cfg80211: The process of initializing wiphywork before allocating rfkill fails. The issue syzbort reported an uninitialized wiphyworklock in cfg80211devfree. 1 When the allocation of rfkill fails, the wiphy release proce...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is greater than IEEE80211MAXSSIDLEN 32, it could lead to memory corruption. Therefore, bounds checking should be added...

CVE-2026-31548

A flaw was found in the Linux kernel's cfg80211 Wi-Fi subsystem. When a Wi-Fi interface is shut down, a scheduled work item pmsrfreewk may not be properly cancelled. This can lead to the work item attempting to operate on an already removed interface, resulting in undefined behavior and potential...

DEBIAN-CVE-2026-31548

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

CVE-2026-31548

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

CVE-2026-31548 wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

EUVD-2026-25441

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

PT-2026-34900

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsr free wk in cfg80211 pmsr wdev down When the nl80211 socket that originated a PMSR request is closed, cfg80211 release pmsr sets the request's nl portid to zero and schedules pmsr free wk to process the...

wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()

...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-8112-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8112-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

CVE-2026-23246

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check linkid in ieee80211mlreconfiguration linkid is taken from the ML Reconfiguration element control & 0x000f, so it can be 0..15. linkremovaltimeout has IEEE80211MLDMAXNUMLINKS 15 elements, so index 15 i...

SUSE-SU-2026:0473-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. - CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc125254...

CLSA-2026-1770028389 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211checkandendcac Callers of wdevchandef must hold the wiphy mutex. But the worker cfg80211propagatecacdonewk never takes the lock. Which triggers the warning below with the...

PT-2026-1247

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A memory leak issue was identified and resolved in the Linux kernel’s wifi subsystem, specifically within the rtl8180 init rx ring function. This function allocates memory for skb packet...