Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170txrelease function sometimes triggers a fortified-memset warning in my build configurations. This issue occurs in the following file: include/linux/string.h:254, and in...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – added a proper sanity check for endpoints. Syzkaller reports that a warning was triggered due to the presence of an incorrect endpoint type during the URB processing stage. Although a check was performed for a...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38420)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38420 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993228)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993228 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports 1 hitting a warning whi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992648 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports 1 hitting a warning whi...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – Do not ping devices that have failed to load firmware. Syzkaller reports that 1 and 2 crashes occur due to attempts to ping devices that have failed to load firmware. Since such devices fail to pass the...

EUVD-2025-22665

Malicious code in bioql PyPI...

CLSA-2025-1757963029 kernel-uek: Fix of 194 CVEs

rds: tcp: block BH in TCP callbacks - kexec: Improve & fix crashexcludememrange to handle overlapping ranges - module: correctly exit modulekallsymsoneachsymbol when fn != 0 - module: potential uninitialized return in modulekallsymsoneachsymbol - module: use RCU to synchronize findmodule -...

Linux Distros Unpatched Vulnerability : CVE-2025-38420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to...

Linux Distros Unpatched Vulnerability : CVE-2024-38616

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified- memset warning The carl9170txrelease function sometimes...

wifi: carl9170: do not ping device which has failed to load firmware

...

SUSE CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

The vulnerability of the carl9170_usb_rx_complete() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the carl9170usbrxcomplete function in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

DEBIAN-CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

UBUNTU-CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

CVE-2025-38420 wifi: carl9170: do not ping device which has failed to load firmware

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a carl9170 wifi driver attempting to ping a device that fails to load firmware, which could result in a null...

The vulnerability of the carl9170 component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the carl9170 component in the Linux operating system is related to a memory corruption in the carl9170txrelease function. Exploiting this vulnerability can allow an attacker to cause a service failure...