1415 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: The issue in ieee80211scanrx involves checking the skb length. This code requires hard-coded compile-time constants for determining the header length check. Instead, a dynamic determination based on the frame type shoul...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mac80211: Fixed an underflow in staticbranchdec for aqldisable. syzbot reported an underflow in staticbranchdec in aqlenablewrite. 0 The issue arises because aqlenablewrite does not serialize concurrent write operations ...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mac80211: The limit on vht mcs/nss in ieee80211parsetxradiotap has been adjusted. The maximum values of vht mcs and nss in ieee80211parsetxradiotap routine have been limited to fix the following warning reported by syzbot:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “wifi: mac80211: fix memory leak in ieee80211ifadd” This resolution involves committing changes in commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. The function ieee80211iffree is already called from freenetdevndev, because...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel versions 5.8 through 5.19.x, prior to 5.19.16, local attackers who were able to inject WLAN frames into the mac80211 stack could carry out a NULL pointer dereferencing denial-of-service attack against the beacon protection of P2P devices...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Reject VHT operation mode for unsupported channel widths Notifications related to VHT operation mode are not defined for channel widths below 20 MHz. Specifically, 5 MHz and 10 MHz are not valid under the VHT...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fixed a UAF in ieee80211scanrx The ieee80211scanrx function attempts to access scanreq-flags after a null check. However, a UAF Use-after-Allocation was observed when the scan is completed and ieee80211scancomplet...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Fix for potential “sta-link” leaks When a station is allocated, links are added but are not yet marked as valid e.g., during connection to an AP or MLD. We might remove the station without actually marking the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Fix invalid drvstaprercuRemove calls for non-uploaded stations. This issue prevents potential data corruption issues caused by uninitialized driver-related private data structures...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fixed the handling of late hrtimer events. Thomas explained in https://loreKernel.org/r/87mtoeb4hb.ffs@tglx that our current handling of hrtimer is incorrect. If the timer fires late—for example, due to vCPU...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Prohibit deactivating all links. In the internal API, this triggers a WARN message, but that should remain as it is—we want to be aware of bugs that might cause this issue. We prevent the deactivation of all link...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed a use-after-free in CCMP/GCMP RX. When PN checking is performed in mac80211, for fragmentation purposes, we need to copy the PN into the RX struct so that it can be used later for comparison. This is reflected in...
Astra Linux – Vulnerability in Linux, Linux 5.10
A list management bug in BSS handling in the mac80211 stack of the Linux kernel versions 5.1 through 5.19.x, prior to 5.19.16, could be exploited by local attackers those capable of injecting WLAN frames to corrupt a linked list and, in turn, potentially execute unauthorized code...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start The ieee80211txbasessionhandlestart function may return NULL for sdata when a deauthentication process is ongoing. Here is a trace that illustrates the race condition involving...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mac80211: Fixed a deadlock issue in AP/VLAN handling. Syzbot reports that when APVLAN interfaces are active, closing the AP interface they belong to can lead to a deadlock. This isn’t surprising—since we use devclose to handle...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – A race condition has been fixed when enabling fast-xmit. fast-xmit must only be enabled after the station has been uploaded to the driver. Otherwise, it might pass the yet-to-be-uploaded station through drvtx cal...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Fixed a use-after-free in the chanctx code. In ieee80211vifusereservedcontext, when there’s an old context and the replacestate of the new context is set to IEEE80211CHANCTXREPLACENONE, the old context is freed in...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211gtkrekeyadd is called, and ieee80211gtkrekeyadd returns 0 due to KRACK protection identical key reinstall, ieee80211gtkrekeyadd will still return a pointer to the key...
Astra Linux – Vulnerability in Linux 5.10, Linux
A use-after-free in the mac80211 stack, during the parsing of a multi-BSSID element in the Linux kernel versions 5.2 through 5.19.x before 5.19.16, could be exploited by attackers who have access to injecting WLAN frames. This exploitation could lead to kernel crashes and potentially allow them t...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not return “unset power” in ieee80211gettxpower. We may receive a UBSAN warning if ieee80211gettxpower returns the INTMIN value that mac80211 internally uses for “unset power level”. UBSAN:...