Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k: Fixed corruption of SKBs in the REO destination ring. While running traffic for a long time, a random RX descriptor filled with the value “0” from the REO destination ring is received. This invalid descriptor...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992963)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992963 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the...

CVE-2022-50871 wifi: ath11k: Fix qmi_msg_handler data structure initialization

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ath11k not handling SKB correctly when booting in monitor mode, which could lead to a null pointer dereferen...

Linux Distros Unpatched Vulnerability : CVE-2023-53532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix deinitialization of firmware resources Currently, in...

EUVD-2022-54477

Malicious code in bioql PyPI...

CVE-2022-50186

In the Linux kernel, the following vulnerability has been resolved: ath11k: fix missing skb drop on htctxcompletion error On htctxcompletion error the skb is not dropped. This is wrong since the completionhandler logic expect the skb to be consumed anyway even when an error is triggered. Not...

CVE-2022-50187 ath11k: fix netdev open race

In the Linux kernel, the following vulnerability has been resolved: ath11k: fix netdev open race Make sure to allocate resources needed before registering the device. This specifically avoids having a racing open trigger a BUGON in modtimer when ath11kmacopstart is called before the monreaptimer ...

CVE-2022-50187

CVE-2022-50187 involves the ath11k driver netdev open race in the Linux kernel. The issue occurs when ath11k_mac_op_start() runs before mon_reap_timer is set up, leading to a racing open() that can trigger a BUG_ON() in mod_timer(). The fixed advisory notes allocate necessary resources before dev...

CVE-2025-23133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...

CVE-2024-58096

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng-lock for ath11khalsrng in monitor mode ath11khalsrng should be used with srng-lock to protect srng data. For ath11kdprxmondestprocess and ath11kdpfullmonprocessrx, they use ath11khalsrng for many times but...

CVE-2025-23133

The CVE-2025-23133 issue is in Linux kernel ath11k: when a new channel list is received, it updates cfg80211 and queues reg_work, but may immediately execute reg_update_chan_list() before cfg80211 finishes handling the list, causing a potential slab-out-of-bounds write (KASAN) in ath11k_reg_updat...

CVE-2025-23133 wifi: ath11k: update channel list in reg notifier instead reg worker

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...

CVE-2025-23133 wifi: ath11k: update channel list in reg notifier instead reg worker

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...

CVE-2022-49543 ath11k: fix the warning of dev_wake in mhi_pm_disable_transition()

In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of devwake in mhipmdisabletransition When test device recovery with below command, it has warning in message as below. echo assert /sys/kernel/debug/ath11k/wcn6855\ hw2.0/simulatefwcrash echo assert...

CVE-2022-49543

In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of devwake in mhipmdisabletransition When test device recovery with below command, it has warning in message as below. echo assert /sys/kernel/debug/ath11k/wcn6855\ hw2.0/simulatefwcrash echo assert...

CVE-2022-49533 ath11k: Change max no of active probe SSID and BSSID to fw capability

In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 WLANSCANPARAMSMAXSSID when registering the driver. The scanreqparams...

CVE-2022-49533 ath11k: Change max no of active probe SSID and BSSID to fw capability

In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 WLANSCANPARAMSMAXSSID when registering the driver. The scanreqparams...

CVE-2022-49238 ath11k: free peer for station when disconnect from AP for QCA6390/WCN6855

In the Linux kernel, the following vulnerability has been resolved: ath11k: free peer for station when disconnect from AP for QCA6390/WCN6855 Commit b4a0f54156ac "ath11k: move peer delete after vdev stop of station for QCA6390 and WCN6855" is to fix firmware crash by changing the WMI command...

CVE-2022-49237

CVE-2022-49237 is resolved in the Linux kernel’s ath11k driver. The vulnerability stems from a missing of_node_put() after obtaining a device tree node via of_find_node_by_type() or of_parse_phandle(), where the node’s refcount is incremented but not decremented, causing a refcount leak. The impa...