Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: mesh: Fixed a leak of meshpreqqueue objects The hwmp code uses objects of type meshpreqqueue, which are added to a list in ieee80211ifmesh to track mpath. We need to fix this issue. If the mpath is deleted, the...

EUVD-2026-16154

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...

DEBIAN-CVE-2026-23396

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...

EUVD-2026-15198

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

CVE-2026-23279 wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

CVE-2025-55292

Meshtastic is an open source mesh networking solution. In the current Meshtastic architecture, a Node is identified by their NodeID, generated from the MAC address, rather than their public key. This aspect downgrades the security, specifically by abusing the HAM mode which doesn't use encryption...

kernel: mac80211: fix potential double free on mesh join

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix potential double free on mesh join While commit 6a01afcf8468 "mac80211: mesh: Free ie data when leaving mesh" fixed a memory leak on mesh leave / teardown it introduced a potential memory corruption caused by a doub...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003288 advisory. In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation wh...

EUVD-2025-201571

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: cancel mesh send timer when hdev removed meshsenddone timer is not canceled when hdev is removed, which causes crash if the timer triggers after hdev is gone. Cancel the timer when MGMT removes the hdev, like oth...

EUVD-2025-18918

Malicious code in bioql PyPI...

EUVD-2025-5098

Malicious code in bioql PyPI...

EUVD-2024-54776

Malicious code in bioql PyPI...

EUVD-2025-21057

Malicious code in bioql PyPI...

EUVD-2025-14855

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38512

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to t...

CVE-2025-53637

Meshtastic is an open source mesh networking solution. The mainmatrix.yml GitHub Action is triggered by the pullrequesttarget event, which has extensive permissions, and can be initiated by an attacker who forked the repository and created a pull request. In the shell code execution part,...

CVE-2025-24798

Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains wantresponse==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This...

CVE-2025-53637 Meshtastic allows Command Injection in GitHub Action

Meshtastic is an open source mesh networking solution. The mainmatrix.yml GitHub Action is triggered by the pullrequesttarget event, which has extensive permissions, and can be initiated by an attacker who forked the repository and created a pull request. In the shell code execution part,...

SUSE CVE-2022-49290

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix potential double free on mesh join While commit 6a01afcf8468 "mac80211: mesh: Free ie data when leaving mesh" fixed a memory leak on mesh leave / teardown it introduced a potential memory corruption caused by a doub...

[SECURITY] Fedora 41 Update: fastd-23-1.fc41

fastd is a secure tunneling daemon with some unique features: - Very small binary about 100KB on OpenWRT in the default configuration, including all dependencies besides libc - Exchangable crypto methods - Transport over UDP for simple usage behind NAT - Can run in 1:1 and 1:n scenarios - There a...