Lucene search
K

105 matches found

Cvelist
Cvelist
added 2022/12/18 12:0 a.m.21 views

CVE-2022-47519

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTROPERCHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frame...

7.7AI score0.00298EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/12/18 12:0 a.m.23 views

CVE-2022-47518

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management...

7.8AI score0.00329EPSS
Exploits0References4
CVE
CVE
added 2022/12/18 12:0 a.m.168 views

CVE-2022-47518

CVE-2022-47518 affects the Linux kernel before 6.0.11, specifically the WILC1000 wireless driver (drivers/net/wireless/microchip/wilc1000/cfg80211.c). The issue is missing validation of the number of channels, which can trigger a heap-based buffer overflow when copying the list of operating chann...

7.8CVSS7.4AI score0.00329EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2022/12/18 12:0 a.m.38 views

CVE-2022-47518

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management...

7.8CVSS6.7AI score0.00329EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/24 12:0 a.m.8 views

PT-2022-6042 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.11 Description: The issue is related to the WILC1000 wireless driver in the Linux kernel, specifically with the missing validation of IEEE80211 P2P ATTR OPER CHANNEL in the cfg80211.c file. This can trigger ...

9.8CVSS8.1AI score0.71737EPSS
Exploits201References1057
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.2 views

kernel: ath11k: Fix frames flush failure caused by deadlock

In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: 25393.301506 ath11kpci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: 25398.421509 ath11kpci 0000:01:00.0: failed to flush mgm...

5.5CVSS6.3AI score0.00162EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.7 views

kernel: ath11k: Fix frames flush failure caused by deadlock

In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: 25393.301506 ath11kpci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: 25398.421509 ath11kpci 0000:01:00.0: failed to flush mgm...

5.5CVSS6.3AI score0.00162EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2020/06/30 12:0 a.m.4 views

The vulnerability of the IEEE 802.11w Protected Management Frames (PMFs) in the Cisco IOS XE operating system allows a hacker to disrupt a user’s legitimate connection to a vulnerable device.

The vulnerability of the IEEE 802.11w Protected Management Frames PMFs in the Cisco IOS XE operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to successfully disconnect a user’s connection to a vulnerable device...

4.7CVSS5.5AI score0.00468EPSS
Exploits0References3Affected Software1
Mageia
Mageia
added 2020/06/10 10:26 p.m.45 views

Updated wpa_supplicant packages fix security vulnerability

Updated wpasupplicant and hostpad packages fix security vulnerability: A vulnerability was discovered in wpasupplicant. When Access Point AP mode and Protected Management Frames PMF IEEE 802.11w are enabled, wpasupplicant does not perform enough validation on the source address of some received...

6.5CVSS0.8AI score0.01214EPSS
Exploits0References5
OSV
OSV
added 2020/06/10 10:26 p.m.17 views

MGASA-2020-0244 Updated wpa_supplicant packages fix security vulnerability

Updated wpasupplicant and hostpad packages fix security vulnerability: A vulnerability was discovered in wpasupplicant. When Access Point AP mode and Protected Management Frames PMF IEEE 802.11w are enabled, wpasupplicant does not perform enough validation on the source address of some received...

6.5CVSS6.8AI score0.01214EPSS
Exploits0References6
CNVD
CNVD
added 2020/06/04 12:0 a.m.5 views

Cisco Catalyst 9800 Series Wireless Controllers IOS XE Input Validation Error Vulnerability (CNVD-2020-31958)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. An input validation error vulnerability exists in the IEEE 802.11w Protected Management Frames handling of IOS XE Software in Cisco Catalyst 9800 Series Wireless Controllers. An...

4.7CVSS6.8AI score0.00468EPSS
Exploits0References1
OSV
OSV
added 2020/06/03 6:15 p.m.5 views

CVE-2020-3206

A vulnerability in the handling of IEEE 802.11w Protected Management Frames PMFs of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device. The vulnerabilit...

4.7CVSS5.8AI score0.00468EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/02/27 4:7 a.m.162 views

Billions of Devices Open to Wi-Fi Eavesdropping Attacks

SAN FRANCISCO — A serious vulnerability in Wi-Fi chips has been discovered that affects billions of devices worldwide, according to researchers. It allows attackers to eavesdrop on Wi-Fi communications. The bug CVE-2019-15126 stems from the use of an all-zero encryption key in chips made by...

2.9CVSS6.3AI score0.07709EPSS
Exploits7References6
OSV
OSV
added 2019/12/12 10:15 p.m.2 views

DEBIAN-CVE-2019-5062

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial...

6.5CVSS7AI score0.00545EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/24 12:0 a.m.2 views

Cisco Aironet Access Points/Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability

Cisco Aironet APs are a family of access access point products. Cisco Aironet, Catalyst 9100 Access Points APs A resource management error vulnerability exists in the Control and Provisioning of Wireless Access Points CAPWAP protocol implementation, which stems from a failure in CAPWAP message...

7.4CVSS6.7AI score0.00457EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/10/17 2:35 p.m.196 views

Cisco Aironet Access Points Plagued By Critical, High-Severity Flaws

Cisco Systems has released a security update stomping out critical and high-severity flaws impacting its Aironet access points, which are entry-level wireless access points APs used by mid-size enterprises in their offices or small warehouses. It also issued a slew of additional patches addressin...

10CVSS1.5AI score0.02994EPSS
Exploits0References9
OSV
OSV
added 2019/10/16 7:15 p.m.4 views

CVE-2019-15264

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol implementation of Cisco Aironet and Catalyst 9100 Access Points APs could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service DoS...

6.5CVSS6.9AI score0.00457EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/09/30 12:0 a.m.35 views

Debian DSA-4538-1 : wpa - security update

Two vulnerabilities were found in the WPA protocol implementation found in wpasupplication station and hostapd access point. - CVE-2019-13377 A timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. -...

6.5CVSS6.8AI score0.02187EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/09/19 12:0 a.m.38 views

Ubuntu 16.04 LTS / 18.04 LTS : wpa_supplicant and hostapd vulnerability (USN-4136-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4136-1 advisory. It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of...

6.5CVSS6.4AI score0.01214EPSS
Exploits0References2
OSV
OSV
added 2019/09/18 2:4 p.m.5 views

USN-4136-2 wpa, wpasupplicant vulnerability

USN-4136-1 fixed a vulnerability in wpasupplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to...

6.5CVSS6.7AI score0.01214EPSS
Exploits0References2
Rows per page
Query Builder