18 matches found
CVE-2026-23396
A flaw was found in the Linux kernel's mac80211 component. An adjacent attacker can exploit this by sending a specially crafted Channel Switch Announcement CSA action frame. This frame, containing a valid Mesh ID Information Element IE but lacking a Mesh Configuration IE, can trigger a NULL point...
SUSE CVE-2026-23396
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
EUVD-2026-16154
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
CVE-2026-23396
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
DEBIAN-CVE-2026-23396
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
CVE-2026-23396
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
UBUNTU-CVE-2026-23396
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
CVE-2026-23396 wifi: mac80211: fix NULL deref in mesh_matches_local()
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
CVE-2026-23396
The CVE-2026-23396 issue affects the Linux kernel mac80211 mesh code. The function mesh_matches_local() dereferenced ie->mesh_config without verifying presence, allowing a crafted CSA action frame that includes a Mesh ID IE but omits the Mesh Configuration IE to crash the kernel. The race is t...
CVE-2026-23396
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
CVE-2026-23396 wifi: mac80211: fix NULL deref in mesh_matches_local()
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...
Linux Distros Unpatched Vulnerability : CVE-2026-23396
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When...
EUVD-2026-8688
Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...
CVE-2026-27849
Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...
CVE-2026-27849
The CVE-2026-27849 vulnerability affects MR9600 (versions 1.0.4.205530) and MX4200 (version 1.0.13.210200). It arises from missing neutralization of special elements in the update functionality of a TLS-SRP connection used for configuring devices in the mesh network, enabling potential OS command...
PT-2026-28329
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the mac80211 component, specifically in the mesh matches local function. This function unconditionally dereferences ie-mesh config to compare mesh...
EUVD-2017-12971
Malware in sbrugna...
Authentication flaw
A vulnerability in the mesh code of Cisco Wireless LAN Controller WLC software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could...