Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the situation where the cfg80211informbssframe function returns NULL without releasing the buffer...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211: A use-after-free issue was addressed in the cmpbss function. This issue was introduced due to a quirky behavior of the bssfree function introduced in commit 776b3580178f „cfg80211: Properly track hidden SSID...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don’t leave if not joined If there is no OCB state, do not ask the driver/mac80211 to leave, as that would only cause confusion. Since the chandef state can be set or cleared, this is a simple check...

CVE-2026-31548

A flaw was found in the Linux kernel's cfg80211 Wi-Fi subsystem. When a Wi-Fi interface is shut down, a scheduled work item pmsrfreewk may not be properly cancelled. This can lead to the work item attempting to operate on an already removed interface, resulting in undefined behavior and potential...

CVE-2026-23336

A flaw was found in the Linux kernel's cfg80211 component. This use-after-free vulnerability occurs when the rfkillblock work is not properly cancelled during the unregistration of a wireless device. A local attacker could potentially exploit this flaw, leading to a denial of service due to memor...

EUVD-2026-15299

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkillblock work in wiphyunregister There is a use-after-free error in cfg80211shutdownallinterfaces found by syzkaller: BUG: KASAN: use-after-free in cfg80211shutdownallinterfaces+0x213/0x220 Read of size ...

CVE-2026-23336

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkillblock work in wiphyunregister There is a use-after-free error in cfg80211shutdownallinterfaces found by syzkaller: BUG: KASAN: use-after-free in cfg80211shutdownallinterfaces+0x213/0x220 Read of size ...

UBUNTU-CVE-2026-23336

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkillblock work in wiphyunregister There is a use-after-free error in cfg80211shutdownallinterfaces found by syzkaller: BUG: KASAN: use-after-free in cfg80211shutdownallinterfaces+0x213/0x220 Read of size ...

CVE-2026-23336

Summary: CVE-2026-23336 affects the Linux kernel’s wifi cfg80211 path, where a use-after-free can occur during wiphy_unregister() if rfkill_block work isn’t cancelled. The issue manifests in cfg80211_shutdown_all_interfaces via a KASAN use-after-free and is triggered when unregistering a wireless...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46672)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46672 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Handle SSID...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37973)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37973 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix out-of-bounds access...

EUVD-2023-60068

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq-cqlock deadlock issue When ufshcderrhandler is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcdhandlemcqcqevents and also in ufsmtkmcqintr. The following...

kernel: wifi: cfg80211: init wiphy_work before allocating rfkill fails

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphywork before allocating rfkill fails syzbort reported a uninitialize wiphyworklock in cfg80211devfree. 1 After rfkill allocation fails, the wiphy release process will be performed, which will cause...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990385)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990385 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check nssids before accessing the ssids In some versions of cfg80211, the ssi...

SUSE CVE-2023-53715

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...

CVE-2023-53715

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...

DEBIAN-CVE-2023-53715

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...

UBUNTU-CVE-2023-53715

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...

CVE-2023-53715

CVE-2023-53715: In the Linux kernel wifi/brcmfmac cfg80211 path, the passphrase PMK is now passed in binary instead of hex to accommodate newer chips/firmware (e.g., BCM4387). The fix also clears the structure before setting the PMK to prevent leaking uninitialized stack contents to the device. O...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987562)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987562 advisory. In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix management registrations locking The management registrations locking was broken, t...