53 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() to reset urb before resubmitting it. Syzbot points out that skb_trim() has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: wifi: ath9k: Fixed a potential array-index-out-of-bounds read in ath9k_htc_txstatus(). The bug occurs when txs->cnt, data from a URB provided by a USB device, is larger than the size of the array txs->txstatus, which is HTC_MAX_TX_STATUS...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ath9k_htc: fixed uninitialized values. Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htc_connect_service(), svc_meta_len and pad are not initialized. Based on the code, it seem...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled. A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing is enabled. This causes a divide-by-zero error in the driver,...
Astra Linux - vulnerability in linux-5.10, linux
A use-after-free flaw was discovered in the Linux kernel’s Atheros wireless adapter driver, where a user can cause the ath9k_htc_wait_for_target function to fail with certain input messages. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013755)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013755 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg(). syzbot is reporting uninit value at...
ROS-20260220-73-0003
A vulnerability in the ath9k_htc_swba() function of the wifi component of the Linux operating system kernel is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
RHEL 9 : kernel (RHSA-2026:2573)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2573 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: ath9k_htc...
PT-2025-53947
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue exists in the Linux kernel’s ath9k driver related to the handling of skb (socket buffer) memory within the ath9k_hif_usb_reg_in_cb function. Specifically, the issue...
SUSE CVE-2022-50709
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg(). syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but ath9k_hif_usb_rx_stream() uses __dev_alloc_skb(pkt_len +...
Linux Distros Unpatched Vulnerability : CVE-2022-50709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg(). syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call...
CVE-2022-50709
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg(). syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but ath9k_hif_usb_rx_stream() uses __dev_alloc_skb(pkt_len +...
CVE-2022-50709 wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg(). syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but ath9k_hif_usb_rx_stream() uses __dev_alloc_skb(pkt_len +...
Linux Distros Unpatched Vulnerability : CVE-2023-53802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function. It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its...
EUVD-2023-60104
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function. It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...
CVE-2023-53802
CVE-2023-53802 affects the Linux kernel driver wifi/ath9k (htc_hst) where skb memory was not freed when there is no callback function in ath9k_htc_rx_msg(); Syzkaller reported a memory leak. The connected advisories for Unity Linux/SUSE summarize the fix as resolving this by ensuring skb is freed...
CVE-2023-53802
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function. It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...
PT-2025-49662
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s ath9k module, specifically within the ath9k_htc_rx_msg function. This function is responsible for either freeing a socket buffer (skb) or passing its...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ath9k_htc_rx_msg() not freeing the skb when there is no callback function, which could lead to a memory leak...
TencentOS Server 3: kernel (TSSA-2023:0129)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0129 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...