6 matches found
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
CVE-2023-54029
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-54029
CVE-2023-54029 concerns the Linux kernel’s iwlwifi component (iwl_mvm_max_amsdu_size) when using Multiple Logical LANs (MLO). The root cause described across connected records: in MLO scenarios, code may access channel information via vif->bss_conf.chan->band, but bss_conf isn’t used in thi...
PT-2024-30771
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.0 Description A NULL pointer dereference vulnerability was found in the Linux kernel's wifi module, specifically in the mac80211 subsystem. The issue occurs when starting a tx ba session in an MLD connection,...
kernel: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO
A NULL pointer dereference vulnerability was found in the Intel iwlwifi wireless driver in the Linux kernel. When using Multi-Link Operation MLO mode, the iwlmvmmaxamsdusize function incorrectly accesses vif-bssconf.chandef.chan-band, which leads to a NULL pointer dereference because bssconf is n...