Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Verify that the expected usbendpoints are present. This bug occurs when a USB device claims to be an ATH9K device, but it does not have the expected endpoints. In this case, there was an interrupt endpoint, and the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011093)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011093 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of urbs in ath9khifusbdealloctxurbs Syzkaller reports a...

CVE-2022-50829

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...

CVE-2023-54300

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...

CVE-2022-50881 wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath9k that occurs in ath9khifusbdisconnect when ath9kdestroywmi is trying to access 'drvpriv' that has already been freed by...

kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTCCTRLRSVDSVC and should not be...

CVE-2023-53641 wifi: ath9k: hif_usb: fix memory leak of remain_skbs

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of remainskbs hifdev-remainskb is allocated and used exclusively in ath9khifusbrxstream. It is implied that an allocated remainskb is processed and subsequently freed in error paths only durin...

CVE-2022-50297

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usbendpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. In this case there was an interrupt endpoint where the driver expected a bu...

PT-2025-37599

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the ath9k module related to USB endpoint handling. The issue occurs when a USB device identifies as an ATH9K but lacks the expected endpoints,...

CLSA-2024-1733158910 kernel: Fix of 6 CVEs

hwmon: ibmpex Fix possible UAF when ibmpexregisterbmc fails CVE-2022-49029 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - ext4: no need to continue when the number of entries is 1 CVE-2024-49967 - net/packet: fix slab-out-of-bounds access in packetrecvmsg CVE-2022-20368 - packet: in...

kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

A flaw was found in the Linux kernel. This vulnerability affects the ath9k wireless driver in the Linux kernel, specifically used with ath9khtc devices. The issue arises from a race condition where certain initialization processes are incomplete when the system begins handling WiFi-related events...

kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

A flaw was found in the Linux kernel. This vulnerability affects the ath9k wireless driver in the Linux kernel, specifically used with ath9khtc devices. The issue arises from a race condition where certain initialization processes are incomplete when the system begins handling WiFi-related events...

kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

A flaw was found in the Linux kernel. This vulnerability affects the ath9k wireless driver in the Linux kernel, specifically used with ath9khtc devices. The issue arises from a race condition where certain initialization processes are incomplete when the system begins handling WiFi-related events...

kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

A flaw was found in the Linux kernel. This vulnerability affects the ath9k wireless driver in the Linux kernel, specifically used with ath9khtc devices. The issue arises from a race condition where certain initialization processes are incomplete when the system begins handling WiFi-related events...

kernel: wifi: ath9k: verify the expected usb_endpoints are present

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usbendpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. In this case there was an interrupt endpoint where the driver expected a bu...

SUSE CVE-2019-19073

Memory leaks in drivers/net/wireless/ath/ath9k/htchst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by triggering waitforcompletiontimeout failures. This affects the htcconfigpipecredits function, the htcsetupcomplete function, and the...

Ubuntu: Security Advisory (USN-5500-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5564-1 linux-intel-iotg vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5560-2 linux-hwe, linux-aws-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5513-1: Linux kernel (AWS) vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...