Practical Countermeasure against Attacks Exploiting Detection Efficiency Mismatch in Quantum Key Distribution

We demonstrate a practical countermeasure against a well-known class of attacks on quantum key distribution QKD systems that exploit detection efficiency mismatch, where the receiver's detectors do not exhibit identical responses to incoming photons across all degrees of freedom. This class of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Do not send a 6E-related command when it is not supported. MCCALLOWEDAPTYPECMD is related to 6E support. Do not send this command if the device does not support 6E. Apparently, the firmware mistakenly indicat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89 – fw: scan offload prohibit all 6 GHz channels if no 6 GHz sband exists. We have certain policies via the BIOS that prevent the use of 6 GHz frequencies. In this case, the 6 GHz sband parameter will be set to NULL, ev...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k: Fixed the registration of a 6Ghz-only physical interface without the full channel range. Due to what appears to be a typographical error, the 6Ghz-only physical interface, for which the BDF does not allow the...

SUSE CVE-2026-43325

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

EUVD-2026-28987

A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit h...

EFM ipTIME A8004T 缓冲区错误漏洞

The EFM ipTIME A8004T is a wireless router produced by the South Korean company EFM. The version 14.18.2 of the EFM ipTIME A8004T contains a buffer error vulnerability. This vulnerability stems from an stack buffer overflow issue in the formWifiBasicSet function within the file/goform/WifiBasicSe...

EUVD-2026-28609

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

CVE-2026-43325

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

CVE-2026-43325

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

UBUNTU-CVE-2026-43325

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

CVE-2026-43325

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

CVE-2026-43325

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

CVE-2026-43325 wifi: iwlwifi: mvm: don't send a 6E related command when not supported

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

PT-2026-38976

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iwlwifi wireless driver within the mvm module. The driver sends the MCC ALLOWED AP TYPE CMD command, which is related to 6E support, even when the device does not...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: nl80211 – Set special AP channel widths to disallowed. Setting the AP channel width is intended for use with the standard 20/40/… MHz channel width progression. Switching between narrow channels in S1G mode is not supported...

CVE-2026-2180

A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fastsettingwifiset. Such manipulation of the argument ssid5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2026-2180

The CVE-2026-2180 entry affects Tenda RX3 (version 16.03.13.11). A stack-based buffer overflow is triggered in the file path /goform/fast_setting_wifi_set (also reported as /goform/fast setting wifi set) by manipulating the ssid_5g/ssid 5g argument. This vulnerability can be exploited remotely, w...

CVE-2026-2180

A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fastsettingwifiset. Such manipulation of the argument ssid5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2026-2180 Tenda RX3 fast_setting_wifi_set stack-based overflow

A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fastsettingwifiset. Such manipulation of the argument ssid5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...