4 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Use IWLFWCHECK for link ID checking The lookup function iwlmvmrcufwlinkidtolinkconf is typically called with inputs from the firmware. Therefore, it should use IWLFWCHECK instead of WARNON...
UBUNTU-CVE-2026-23246
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check linkid in ieee80211mlreconfiguration linkid is taken from the ML Reconfiguration element control & 0x000f, so it can be 0..15. linkremovaltimeout has IEEE80211MLDMAXNUMLINKS 15 elements, so index 15 i...
CVE-2024-46825 wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWLFWCHECK for link ID check The lookup function iwlmvmrcufwlinkidtolinkconf is normally called with input from the firmware, so it should use IWLFWCHECK instead of WARNON...
CVE-2024-46825
CVE-2024-46825 involves the Linux kernel wifi (iwlwifi mvm) where the firmware link ID is checked using WARN_ON() instead of IWL_FW_CHECK. The fix changes the lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() to use IWL_FW_CHECK() when validating firmware-provided input. Public docs show this...