59 matches found
SUSE CVE-2023-53203
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: rely on mt76connac2mactxrateval In order to fix a possible NULL pointer dereference in mt7996macwritetxwi of vif pointer, export mt76connac2mactxrateval utility routine and reuse it in mt7996 driver...
PT-2025-38556
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s wifi subsystem related to SSID length handling within the cfg80211 connect result function. Specifically, insufficient bounds checking on the...
CVE-2025-38657
CVE-2025-38657 affects the Linux kernel’s wifi/rtw89 MCC path. The vulnerability arises because the user-controlled link_id parsed via debugfs can exceed BITS_PER_LONG, causing shift wrapping and potentially an out-of-bounds access. The issue is mitigated by capping the value to IEEE80211_MLD_MAX...
CVE-2025-38600 wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan()
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925mcuhwscan The ssid-ssids and sreq-ssids arrays have MT7925RNRSCANMAXBSSIDS elements so this = needs to be to prevent an out of bounds access...
CVE-2025-38599
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible OOB access in mt7996tx Fis possible Out-Of-Boundary access in mt7996tx routine if linkid is set to IEEE80211LINKUNSPECIFIED...
CVE-2025-38599
CVE-2025-38599 : The connected records confirm a Linux kernel vulnerability in the wifi/mt76 stack for the mt7996 device family. Affected component: kernel networking stack (mt7996_tx function). Root cause: Out-of-bounds access in mt7996_tx() when link_id is set to IEEE80211_LINK_UNSPECIFIED. Imp...
CVE-2025-38541
Summary: In the Linux kernel, the mt7925 driver (mt76 family) had a NULL pointer dereference in mt7925_thermal_init() caused when devm_kasprintf() returns NULL. The fix adds a NULL check after devm_kasprintf() to prevent the crash, addressing an issue with thermal initialization in mt7925. Affect...
CVE-2025-38541 wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix null-ptr-deref in mt7925thermalinit devmkasprintf returns NULL on error. Currently, mt7925thermalinit does not check for this case, which results in a NULL pointer dereference. Add NULL check after...
CVE-2025-38509
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject VHT opmode for unsupported channel widths VHT operating mode notifications are not defined for channel widths below 20 MHz. In particular, 5 MHz and 10 MHz are not valid under the VHT specification and must...
Linux Distros Unpatched Vulnerability : CVE-2022-49881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in queryregdbfile In the function queryregdbfile the alpha2...
Linux Distros Unpatched Vulnerability : CVE-2024-26895
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces...
Linux Distros Unpatched Vulnerability : CVE-2024-38616
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified- memset warning The carl9170txrelease function sometimes...
SUSE CVE-2025-38450
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925stasetdecapoffload Add a NULL check for msta-vif before accessing its members to prevent a kernel panic in AP mode deployment. This also fix the issue reported in 1. T...
The vulnerability of the mt7996_set_monitor() function in the Linux kernel’s Wi-Fi component allows a hacker to trigger a service failure.
The vulnerability of the mt7996setmonitor function in the Linux kernel’s Wi-Fi component is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel Wi-Fi component, which allows a hacker to damage memory
The vulnerability of the Linux operating system’s kernel Wi-Fi component is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to damage memory resources...
CVE-2025-38343 wifi: mt76: mt7996: drop fragments with multicast or broadcast RA
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses vulnerabilities suc...
CVE-2025-38121 wifi: iwlwifi: mld: avoid panic on init failure
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: avoid panic on init failure In case of an error during init, inhwrestart will be set, but it will never get cleared. Instead, we will retry to init again, and then we will act like we are in a restart when we...
SUSE CVE-2022-49881
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in queryregdbfile In the function queryregdbfile the alpha2 parameter is duplicated using kmemdup and subsequently freed in regdbfwcb. However, requestfirmwarenowait can fail without calling...
CVE-2025-37796
CVE-2025-37796 affects the Linux kernel wifi driver for at76c50x. The root cause is a use-after-free in at76_disconnect: after freeing the priv object (via ieee80211_free_hw) the code accesses the freed object’s udev field to manage the USB device, which can also cause a memory leak. The issue is...
The vulnerability of the Linux operating system’s kernel Wi-Fi component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel Wi-Fi component is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...