Lucene search
+L

117 matches found

CVE
CVE
added 2024/08/26 10:11 a.m.367 views

CVE-2024-43911

CVE-2024-43911—Linux kernel wifi/mac80211 NULL pointer dereference fix . The vulnerability occurs in the MLD path during band/tx BA session initialization where link_data/link_conf may not point to vif->bss_conf, risking a NULL chan and a kernel crash. The fix adds explicit checks on ht_suppor...

5.5CVSS6.9AI score0.00225EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/26 10:11 a.m.18 views

CVE-2024-43911 wifi: mac80211: fix NULL dereference at band check in starting tx ba session

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

7.1AI score0.00225EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/08/26 10:11 a.m.18 views

CVE-2024-43911

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

5.5CVSS6.2AI score0.00225EPSS
Exploits0
Cvelist
Cvelist
added 2024/08/26 10:11 a.m.79 views

CVE-2024-43911 wifi: mac80211: fix NULL dereference at band check in starting tx ba session

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

0.00225EPSS
Exploits0References2
OSV
OSV
added 2024/08/26 10:11 a.m.24 views

CVE-2024-43911 wifi: mac80211: fix NULL dereference at band check in starting tx ba session

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References6
NVD
NVD
added 2024/08/05 3:15 p.m.38 views

CVE-2024-33025

Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE...

7.5CVSS0.0028EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/05 2:21 p.m.15 views

CVE-2024-33025 Buffer Over-read in WLAN Host

Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE...

7.5CVSS7AI score0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/05 2:21 p.m.54 views

CVE-2024-33025 Buffer Over-read in WLAN Host

Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE...

7.5CVSS0.0028EPSS
Exploits0References1
CVE
CVE
added 2024/08/05 2:21 p.m.83 views

CVE-2024-33025

CVE-2024-33025 is a Transient Denial of Service in the WLAN Host path affecting Qualcomm WLAN components, triggered while parsing the BSS parameter change count or MLD capabilities fields within the ML Information Element. The NVD entry notes a Network attack vector with CVSS v3.1 base score 7.5 ...

7.5CVSS7.6AI score0.0028EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/05 12:0 a.m.8 views

PT-2024-25070 · Qualcomm · Snapdragon +159

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a Transient Denial of Service DOS that occurs while parsing the BSS parameter change count or MLD capabilities fields of the ML...

7.5CVSS6.6AI score0.0028EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/16 11:13 a.m.21 views

CVE-2022-48785 ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...

6.8AI score0.00172EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/05/17 11:11 p.m.24 views

CVE-2024-35838

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak When a station is allocated, links are added but not set to valid yet e.g. during connection to an AP MLD, we might remove the station without ever marking links valid, and leak them. F...

5.5CVSS6.5AI score0.00219EPSS
Exploits0References4
NVD
NVD
added 2024/04/17 10:15 a.m.24 views

CVE-2024-26837

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...

4.7CVSS6.3AI score0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/17 10:10 a.m.26 views

CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...

6.5AI score0.00166EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/03/27 4:26 a.m.11 views

SUSE CVE-2021-47146

In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mldnewpack mldnewpack doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skbput. Test commands: ip netns del A ip netns de...

5.5CVSS6.2AI score0.00238EPSS
Exploits0References8
NVD
NVD
added 2024/03/25 9:15 a.m.17 views

CVE-2021-47146

In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mldnewpack mldnewpack doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skbput. Test commands: ip netns del A ip netns de...

5.5CVSS7.2AI score0.00238EPSS
Exploits0References8
OSV
OSV
added 2024/03/25 9:15 a.m.1 views

DEBIAN-CVE-2021-47146

In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mldnewpack mldnewpack doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skbput. Test commands: ip netns del A ip netns de...

5.5CVSS5.7AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/25 9:7 a.m.16 views

CVE-2021-47146 mld: fix panic in mld_newpack()

In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mldnewpack mldnewpack doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skbput. Test commands: ip netns del A ip netns de...

7.4AI score0.00238EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/03/19 3:36 a.m.1 views

SUSE CVE-2024-26631

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6mcdown / mldifcwork idev-mcifccount can be written over without proper locking. Originally found by syzbot 1, fix this issue by encapsulating calls to mldifcstopwork and mldgqstopwork for good...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References13
OSV
OSV
added 2024/03/18 11:15 a.m.2 views

DEBIAN-CVE-2024-26631

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6mcdown / mldifcwork idev-mcifccount can be written over without proper locking. Originally found by syzbot 1, fix this issue by encapsulating calls to mldifcstopwork and mldgqstopwork for good...

4.7CVSS5.3AI score0.00176EPSS
Exploits0References1
Rows per page
Query Builder