21 matches found
PT-2026-45632
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not finalize the CSA in IBSS mode if the state is disconnected When we are not connected to a channel, sending the “switch” announcement doesn’t make any sense. In that case, the BSS list is empty. This causes...
EUVD-2026-23684
A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...
CVE-2026-23809
A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation m...
CVE-2026-23809 MAC Address Spoofing leads to Inter-BSSID Isolation Bypass Resulting in Traffic Redirection
A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation m...
UBUNTU-CVE-2023-53992
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check...
ALSA-2025:19447 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: wifi: mac80211: check S1G action frame size CVE-2023-53257 kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 kernel: wifi: cfg80211: fix use-after-free i...
ath11k: Change max no of active probe SSID and BSSID to fw capability
...
AZL-77399 CVE-2023-53540 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later...
CVE-2023-53540 wifi: cfg80211: reject auth/assoc to AP with our address
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later...
wifi: cfg80211: fix use-after-free in cmp_bss()
...
SUSE CVE-2022-49533
In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 WLANSCANPARAMSMAXSSID when registering the driver. The scanreqparams...
UBUNTU-CVE-2022-49533
In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 WLANSCANPARAMSMAXSSID when registering the driver. The scanreqparams...
PT-2024-25093 · Unknown · Qualcomm Technologies
Name of the Vulnerable Software and Affected Versions: Qualcomm Technologies, Inc. products affected versions not specified Description: The issue is related to a Transient Denial of Service DOS that occurs while parsing MBSSID during the generation of a new Information Element IE in beacon or...
kernel: wifi: cfg80211: ocb: don't leave if not joined
A flaw was found in the Linux kernel's cfg80211 wireless subsystem. When handling OCB Outside the Context of a BSS mode, the kernel may attempt to leave an OCB network even when not joined, which could cause driver confusion or unexpected behavior. This is a logic error in state management...
CVE-2023-21230
In onAccessPointChanged of AccessPointPreference.java, there is a possible way for unprivileged apps to receive a broadcast about WiFi access point change and its BSSID or SSID due to a precondition check failure. This could lead to local information disclosure with no additional execution...
kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c
A list corruption flaw was found in cfg80211addnontranslist in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service...
PT-2022-35407 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.74 Description: A potential issue exists in the Linux Kernel, specifically in the cfg80211 component, which may lead to corruption of the BSS list. The actual impact and attack plausibility have not yet be...
ALPINE-CVE-2022-42719
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers able to inject WLAN frames to crash the kernel and potentially execute code...
多款Qualcomm产品安全漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits including primarily semiconductor devices, but also passive components, etc. and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in multiple Qualcomm products that...