155 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: reliance on mt76connac2mactxrateval In order to address a potential NULL pointer dereferencing in mt7996macwritetxwi, the mt76connac2mactxrateval utility routine has been exported and reused in the mt7996 driv...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – fixed a potential memory leak when reading chip temperature. Without this fix, reading chip temperature would cause memory leaks...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996 – Dropping fragments with multicast or broadcast RA. IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, fragments are dropped during multicast or broadcast RA. This patch addresses...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – Fixed possible out-of-band OOB access in mt7996macwritetxwi80211. The frame length was checked before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid possible OOB access...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996setmonitor The function mt7996setmonitor dereferences phy before the NULL sanity check. Fix this to avoid NULL pointer dereference by moving the dereference after the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix null-ptr-deref in mt7996mmiowedinit devmioremap returns NULL on error. Currently, mt7996mmiowedinit does not check for this case, which results in a NULL pointer dereference. Prevent null pointer dereferen...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Added a NULL check in mt7996thermalinit. The devmkasprintf function can return a NULL pointer if it fails, but this returned value in mt7996thermalinit is not checked. A NULL check should be added in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: mt76: mt7996: fixed a memory leak in mt7996mcuexit. The mcuskb queues in the mt7996mcuexit routine must always be purged, even if mt7996firmwarestate fails...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case, and apply them later. Move th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Fixed possible OOB access in mt7996tx. There is a possibility of Out-of-Boundary access in the mt7996tx routine if linkid is set to IEEE80211LINKUNSPECIFIED...
SUSE CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
A flaw was found in the Linux kernel's mt76 WiFi driver, specifically within the mt7996 component. This vulnerability, an out-of-bounds OOB access, occurs because the driver does not adequately check the length of incoming data frames before attempting to read or write to memory. A local attacker...
EUVD-2026-15278
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
UBUNTU-CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
CVE-2026-23325 affects the Linux kernel wifi stack (mt76/mt7996). The flaw is an out-of-bounds access in mt7996_mac_write_txwi_80211() due to insufficient frame-length checks on management fields. Affected component: mt7996 hardware path in the kernel’s wifi driver. Impact per sources: potential ...
CVE-2026-23325 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...