CVE-2026-28520

CVE-2026-28520 affects arduino-TuyaOpen prior to 1.2.1, where the WiFiMulti component contains a single-byte buffer overflow. When a device connects to an attacker-controlled AP hotspot, the overflow can be exploited to execute arbitrary code on the embedded device (remote code execution). The av...

kernel: wifi: mac80211: fix potential sta-link leak

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak When a station is allocated, links are added but not set to valid yet e.g. during connection to an AP MLD, we might remove the station without ever marking links valid, and leak them. F...

CVE-2024-26683 wifi: cfg80211: detect stuck ECSA element in probe resp

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: detect stuck ECSA element in probe resp We recently added some validation that we don't try to connect to an AP that is currently in a channel switch process, since that might want the channel to be quiet or we...

CVE-2024-26682 wifi: mac80211: improve CSA/ECSA connection refusal

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: improve CSA/ECSA connection refusal As mentioned in the previous commit, we pretty quickly found that some APs have ECSA elements stuck in their probe response, so using that to not attempt to connect while CSA is...