35 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-013411)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013411 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of remainskbs hifdev-remainskb is allocated and used...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010826)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010826 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011316)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011316 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010851)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010851 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htchst: free skb in ath9khtcrxmsg if there is no callback function It is stated that...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005467)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005467 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct ...
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc1252542...
SUSE-SU-2026:0154-1 Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes various security issues The following security issues were fixed: - CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. - CVE-2022-50327: ACPI: processor: idle: Check...
Linux Distros Unpatched Vulnerability : CVE-2023-54300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 wifi: ath9k: avoid uninit memory read in...
CVE-2023-54300
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...
CVE-2023-54300
CVE-2023-54300 affects the Linux kernel wireless driver stack (ath9k). The issue arises from uninitialized memory access in ath9k_wmi_ctrl_rx triggered by missing pkt_len validation in ath9k_htc_rx_msg; the SKB could be malformed such that a WMI header is expected in data but not present. The fix...
SUSE CVE-2022-50709
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at ath9khtcrxmsg 1, for ioctlUSBRAWIOCTLEPWRITE can call ath9khifusbrxstream with pktlen = 0 but ath9khifusbrxstream uses devallocskbpktlen +...
CVE-2022-50709
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at ath9khtcrxmsg 1, for ioctlUSBRAWIOCTLEPWRITE can call ath9khifusbrxstream with pktlen = 0 but ath9khifusbrxstream uses devallocskbpktlen +...
CVE-2023-53802
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htchst: free skb in ath9khtcrxmsg if there is no callback function It is stated that ath9khtcrxmsg either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...
CVE-2023-53802 wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htchst: free skb in ath9khtcrxmsg if there is no callback function It is stated that ath9khtcrxmsg either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...
EUVD-2023-59791
Malicious code in bioql PyPI...
SUSE CVE-2023-53185
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTCCTRLRSVDSVC and should not be...
DEBIAN-CVE-2023-53199
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: clean up skbs if ath9khifusbrxstream fails Syzkaller detected a memory leak of skbs in ath9khifusbrxstream. While processing skbs in ath9khifusbrxstream, the already allocated skbs in skbpool are not freed if...
CVE-2023-53185
CVE-2023-53185 exists in the Linux kernel: wifi/ath9k allows overwriting ENDPOINT0 attributes, enabling a bad USB device to craft a service-connection response where the target is ENDPOINT0 (reserved for HTC_CTRL_RSVD_SVC). The vulnerability is fixed in the kernel by rejecting such responses; imp...
AZL-64508 CVE-2025-38157 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Abort software beacon handling if disabled A malicious USB device can send a WMISWBAEVENTID event from an ath9khtc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver...
SUSE-SU-2025:20367-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678 - CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847 - CVE-2024-50115: KVM: nSV...