Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: nl80211: Fixed an integer overflow in the nl80211ParseMBSSIDElems function. The nl80211ParseMBSSIDElems function uses a u8 variable named numElems to count the number of MBSSID elements in the nested netlink attribute attrs...

EUVD-2023-60038

The WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.8.2, due to improper CORS handling on the Store API's REST endpoints allowing direct external access from any origin. This can allow unauthenticated attackers to extract...

SUSE CVE-2023-53570

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211parsembssidelems nl80211parsembssidelems uses a u8 variable numelems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...

CVE-2023-53570 wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211parsembssidelems nl80211parsembssidelems uses a u8 variable numelems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...

kernel: wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()

An integer overflow flaw was found in the Linux kernel's nl80211 wireless configuration interface in the MBSSID element parsing logic. A local user with CAPNETADMIN capability can trigger this issue by specifying 256 or more MBSSID elements through the nl80211 interface, causing the u8 counter...