24 matches found
EUVD-2026-4944
tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...
CVE-2026-25061
tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-394752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-394752 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for...
CVE-2025-21979
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphywork before freeing wiphy A wiphywork can be queued from the moment the wiphy is allocated and initialized i.e. wiphynewnm. When a wiphywork is queued, the rdev::wiphywork is getting queued. If wiphyfr...
CVE-2025-21730 wifi: rtw89: avoid to init mgnt_entry list twice when WoWLAN failed
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to init mgntentry list twice when WoWLAN failed If WoWLAN failed in resume flow, the rtw89opsaddinterface triggered without removing the interface first. Then the mgntentry list init again, causing the listempt...
CVE-2024-50236
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks a...
DEBIAN-CVE-2024-50236
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks a...
UBUNTU-CVE-2024-26682
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: improve CSA/ECSA connection refusal As mentioned in the previous commit, we pretty quickly found that some APs have ECSA elements stuck in their probe response, so using that to not attempt to connect while CSA is...
CVE-2024-0532
A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function setrepeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapskcrypto24g/wpapskcrypto5g leads to...
Ucopia 安全漏洞
Ucopia Express is a device used for Wifi management by the French company Ucopia. A security vulnerability exists in Ucopia versions prior to 6.0.13, which stems from an SSH server with insecure privileges...
SUSE CVE-2022-47519
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTROPERCHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frame...
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.
...
UBUNTU-CVE-2022-47521
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTRCHANNELLIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel prior to version 6.0.11, which stems from a lack of validation of the IEEE80211P2PATTROPER CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211....
PT-2022-6042 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.11 Description: The issue is related to the WILC1000 wireless driver in the Linux kernel, specifically with the missing validation of IEEE80211 P2P ATTR OPER CHANNEL in the cfg80211.c file. This can trigger ...
Weak password vulnerability in CPE-WiFi management platform of Shenzhen Sidetech Co.
Ltd. is a high-tech enterprise that provides a full line of products required for mainstream access network technology. There is a weak password vulnerability in the CPE-WiFi management platform of Shenzhen Xidit Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...
Circle with Disney WiFi Security Downgrade Vulnerability(CVE-2017-12096)
Summary An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one, can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a...
CVE-2017-12096
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a series of...
Design/Logic Flaw
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a series of...
CVE-2017-12096
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a series of...