CVE-2026-7764 Out-of-bounds read in morse.ko Vendor IE processing

An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.12 allows an unauthenticated attacker within radio range to disclose a small amount of kernel heap memory or cause a Denial of Service kernel oops/panic via a...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Linux Distros Unpatched Vulnerability : CVE-2026-46163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware- controlled key index in b43legacyrx can exceed...

CVE-2026-46122

A flaw was found in the Linux kernel's b43 Wi-Fi driver. A remote attacker could exploit this vulnerability by providing a specially crafted firmware key index that exceeds the allocated array size in the b43rx function. This out-of-bounds read could lead to information disclosure, potentially...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mac8021: fixed possible out-of-bound access in ieee80211getrateduration Fixed possible out-of-bound access in the ieee80211getrateduration routine As reported in the following UBSAN report: UBSAN: Array index out-of-boun...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl8xxxu: Added cancelworksync for c2hcmdwork. The workqueue may still be running when the driver is stopped. To avoid a use-after-free, call cancelworksync in rtl8xxxustop...

Astra Linux - уязвимость в linux

A issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even when sent in plaintext and process them as fully unfragmented frames. An adversary can exploit this vulnerability to inject arbitrary...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: Fixed an issue where a read pointer was freed after the variable was deallocated in ath12kmacassignviftovdev. In ath12kmacassignviftovdev, if the arvif object is created on a different radio, it is deleted from that...

CVE-2026-8229

CVE-2026-8229 concerns Wavlink NU516U1 (firmware 240425) where the vulnerable element is the function WifiBasic in /cgi-bin/wireless.cgi. An attacker can manipulate the AuthMethod/EncrypType arguments to trigger an os command injection, enabling remote exploitation. Public exploit availability is...

CVE-2026-43176 wifi: rtw89: pci: validate release report content before using for RTL8922DE

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 "wifi: rtw89: pci: validate sequence number of TX release report" does validation on existing chips, which somehow a release...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – added a missing check for RX WCID entries. Non-station WCID entries must not be passed to RX functions. In the case of the global WCID entry, it could even lead to corruption in the WCID array due to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Avoid NULL pointer access during management transmit cleanup. Currently, the “ar” reference is not added to “skbcb”. Although this reference is generally not used during transmit completion callbacks, when an...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211: handling of 2x996 RU allocation in cfg80211calculatebitratehe Currently, NL80211RATEINFOHERUALLOC2x996 is not being handled in cfg80211calculatebitratehe, resulting in the following warning: kernel: Invalid HE MCS...

CVE-2026-32669

Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products...

Tenda AC5 安全漏洞

Tenda AC5 is a wireless router produced by the Chinese company Tenda. Version 15.03.06.47 of Tenda AC5 contains a security vulnerability. This vulnerability stems from improper handling of parameters in the file/goform/WifiWpsOOB, which may lead to a stack buffer overflow...

CVE-2026-3970

A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-23315

A flaw was found in the Linux kernel's mt76 Wi-Fi driver. This vulnerability, an out-of-bounds OOB access, occurs due to an insufficient check of frame length before accessing management fields within the mt76connac2macwritetxwi80211 function. An attacker could potentially exploit this to cause...

CVE-2026-23363 wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix possible oob access in mt7925macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7925macwritetxwi80211 in order to avoid a possible oob access...

CVE-2026-23325 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...

CVE-2026-23315 wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76connac2macwritetxwi80211 Check frame length before accessing the mgmt fields in mt76connac2macwritetxwi80211 in order to avoid a possible oob access. fix check to also cover...