Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Fixed a potential stack-out-of-bounds write in ath9kwmirspcallback. This write occurs in a WMI response callback function that is called after a timeout occurs in ath9kwmicmd. The callback writes to wmi-cmdrspbuf, a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: hifusb: A use-after-free issue has been fixed in ath9khifusbregincb. It is possible that the skb buffer is freed during ath9khtcrxmsg, and then usbsubmiturb fails. As a result, we try to free the skb buffer again. Th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – added a range check for connrspepid in htcconnectservice. I’ve also found the following bugs in my fuzzer: - UBSAN: Array index out of bounds in drivers/net/wireless/ath/ath9k/htchst.c:26:51. Index 255 is out of ran...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013149 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003992)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003992 advisory. Memory leaks in drivers/net/wireless/ath/ath9k/htchst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992985)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992985 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usbendpoints are present The bug arises when a USB device claims...

CVE-2023-54300

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...

CVE-2023-54300 wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...

CVE-2022-50709 wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at ath9khtcrxmsg 1, for ioctlUSBRAWIOCTLEPWRITE can call ath9khifusbrxstream with pktlen = 0 but ath9khifusbrxstream uses devallocskbpktlen +...

PT-2025-53106

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the ath9k High-Speed USB HIF USB driver, specifically within the ath9k hif usb dealloc tx urbs function. The issue stems from a failure to...

DEBIAN-CVE-2023-53802

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htchst: free skb in ath9khtcrxmsg if there is no callback function It is stated that ath9khtcrxmsg either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...

kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTCCTRLRSVDSVC and should not be...

CVE-2023-53717

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9kwmirspcallback Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9kwmicmd. The callback writes...

SUSE CVE-2023-53641

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of remainskbs hifdev-remainskb is allocated and used exclusively in ath9khifusbrxstream. It is implied that an allocated remainskb is processed and subsequently freed in error paths only durin...

EUVD-2019-8712

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-50179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv...

CVE-2022-50179

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv initialization. Probable call trace which can trigger use-after-free:...

UBUNTU-CVE-2022-50179

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv initialization. Probable call trace which can trigger use-after-free:...

CVE-2022-50179 ath9k: fix use-after-free in ath9k_hif_usb_rx_cb

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv initialization. Probable call trace which can trigger use-after-free:...

SUSE-SU-2025:20349-1 Security update for kernel-livepatch-MICRO-6-0_Update_3

This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: - CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678 - CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847 - CVE-2024-50115: KVM: nSV...