CVE-2026-46180

A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the brcmfmac Wi-Fi driver when stopping the watchdog task. This issue occurs because the watchdog task might terminate prematurely, leading to a use-after-free condition. This could allow a local attacker to cause a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: cfg80211 – Handle SSID-based PMKSA deletion wpasupplicant 2.11 sends commands for PMKSA flush based on SSID from version 1efdba5fdc2c “Handle PMKSA flush in the driver for SAE/OWE offload cases”. The brcmfmac...

CVE-2026-43144

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. When the probe of an SDIO Secure Digital Input/Output brcmfmac device fails, for example due to missing firmware, an invalid bus pointer can be set. This incorrect state can lead to a kernel oops, which is a type of system crash, when...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the brcmfmac driver. When the detection fails, sdiodev-bus is set to an incorrect value instead o...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A check on the count value of channel specifications is added to prevent out-of-bounds reads. This patch fixes out-of-bounds reads in brcmfconstructchaninfo and brcmfenablebw402g when the count value of channel...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmmac – Fix for crashes occurring when sending Action Frames in standalone AP Mode Currently, whenever an Action Frame needs to be transmitted, the brcmmac driver always uses the P2P vif to send the “actframe” IOVAR to th...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: Check the return value of ofpropertyreadstringindex. Between version 6.10 and 6.11, the driver began to crash on my MacBookPro14,3. The ofpropertyreadstringindex function does not exist, and the tmp variable...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012992)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012992 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001615 advisory. The brcmfcfg80211mgmttx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denia...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003926)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003926 advisory. The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receive...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004210)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004210 advisory. The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receive...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003115)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003115 advisory. Stack-based buffer overflow in the brcmfcfg80211startap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allo...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000233 advisory. The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992467)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992467 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinitdcmds This patch fixes a...

SUSE CVE-2025-40321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...

CVE-2025-40321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...

DEBIAN-CVE-2025-40321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...

CVE-2025-40321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...

UBUNTU-CVE-2025-40321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...

CVE-2025-40321 wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...