1500 matches found
CVE-2026-53318
A flaw was found in the Linux kernel's wifi subsystem, specifically within the mt76: mt7925 driver. This vulnerability arises from a missing check for a NULL pointer before it is used in the mt7925txcheckaggr function. Exploiting this flaw could lead to a system crash, causing a Denial of Service...
CVE-2026-53318
CVE-2026-53318 describes a fix in the Linux kernel’s wireless stack: for mt76/mt7925, a NULL pointer dereference in mt7925_tx_check_aggr() was mitigated by moving the NULL check for the 'sta' pointer before its dereference, preventing a possible crash. The vulnerability affects the mt7925 compone...
CVE-2026-53101
A flaw was found in the Linux kernel's mt7921 Wi-Fi driver. A potential deadlock can occur when the rocabortsync function attempts to cancel a work item while rocwork is still running and holding a mutex. This situation, which can arise during Wi-Fi station removal, causes both sides to block,...
CVE-2026-53102
A flaw was found in the Linux kernel's mt76 Wi-Fi driver. This vulnerability, a memory leak, occurs when the mt76connacmcuallocstareq function allocates a socket buffer skb that is not properly freed if subsequent operations, such as mt76connacmcustawedupdate or mt76connacmcustakeytlv, fail. This...
CVE-2026-53178
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: rtwmlme: add bounds checks before ielength subtraction Add guards to ensure ielength is large enough before subtracting fixed IE offsets to prevent unsigned integer underflow...
CVE-2026-53097
A flaw was found in the Linux kernel's mt7996 Wi-Fi driver. A use-after-free vulnerability exists in the mt7996macdumpwork function due to a race condition during the detachment of the mt7996 PCI chip. This can occur when mt7996crashdata is released while a related work item is still active,...
Linux Distros Unpatched Vulnerability : CVE-2026-53093
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: brcmfmac: Fix error pointer dereference The function brcmfchipaddcore can return an error pointer and is not checked. Add checks for error pointer. Detect...
EUVD-2026-38973
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL vif dereference in mt7925macwritetxwi Check for a NULL vif before accessing ieee80211vifismldvif to avoid a potential kernel panic in scenarios where vif might not be initialized...
EUVD-2026-38972
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak destroying device All MT76 rx queues have an associated pagepool even if the queue is not associated to a NAPI e.g. WED RRO queues with WED enabled. Destroy the pagepool running mt76dmacleanup routine...
EUVD-2026-38965
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in mt7996coredumpunregister. However, the work item dumpwork may still be running or pending,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7921 – Fixed kernel panic due to null pointer dereference Fixed a kernel panic caused by a null pointer dereference in the mt792xrxgetwcid function. The issue arises because the deflink structure is not properly...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: disabling NAPI during driver removal A warning regarding driver removal began to appear after the commit 9dd05df8403b „net: warn if NAPI instance wasn’t shut down”. The Tx NAPI should be disabled before deleting the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: RSI: Do not default to -EOPNOTSUPP in rsimac80211config. This triggers a WARNON in ieee80211hwconfinit, and this is not the expected behavior from the driver. Other drivers also default to 0...
Astra Linux – Vulnerabilities in Linux, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: wfx: Fixed a possible NULL pointer dereferencing in wfxsetmfpap. Since 'ieee80211beaconget' may return NULL, wfxsetmfpap should check the return value before examining the skb data. Therefore, the latter function should...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7915: fixed resource leaks in mt7915ratetxpowerget. Coverity message: The variable “buf” goes out of scope, causing a leak in memory storage. Address-Coverity-ID: 1527799 “Resource leaks”...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: wifi: mwifiex: Do not return unused priv pointers in mwifiexgetprivbyid. mwifiexgetprivbyid returns the priv pointer corresponding to bssnum and bsstype, but without checking whether the priv is actually in use. Unused priv...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, make sure that it actually exists in the frame...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: A potential dereference issue with RCU resources has been fixed in the wilcparsejoinbssparam function. In the wilcparsejoinbssparam function, the TSF field of the ies structure is accessed after the RCU read-side...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fixed the use of memory after it was freed in mt7921acpiread. Do not dereference “sarroot” after it has been freed...