162 matches found
SUSE CVE-2026-53097
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in mt7996coredumpunregister. However, the work item dumpwork may still be running or pending,...
Linux Distros Unpatched Vulnerability : CVE-2026-53097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in...
CVE-2026-53097
A flaw was found in the Linux kernel's mt7996 Wi-Fi driver. A use-after-free vulnerability exists in the mt7996macdumpwork function due to a race condition during the detachment of the mt7996 PCI chip. This can occur when mt7996crashdata is released while a related work item is still active,...
CVE-2026-53097
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in mt7996coredumpunregister. However, the work item dumpwork may still be running or pending,...
CVE-2026-53097
CVE-2026-53097 describes a use-after-free in the Linux kernel’s mt76 mt7996 driver. During PCI device removal, crash_data is freed in mt7996_coredump_unregister() while a pending/delayed work item (dump_work) may still reference it, causing UAF in mt7996_mac_dump_work(). The fix cancels pending o...
PT-2026-51991
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the mt76 wireless driver for the mt7996 PCI chip. A race condition occurs when the chip is detaching; the mt7996 coredump unregister function releases...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – Fixed possible out-of-band OOB access in mt7996macwritetxwi80211. The frame length was checked before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid possible OOB access...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Added a NULL check in mt7996thermalinit. devmkasprintf may return a NULL pointer if it fails, but this returned value in mt7996thermalinit is not checked. Add a NULL check in mt7996thermalinit to handle the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – fixed a potential memory leak when reading chip temperature. Without this fix, reading chip temperature would cause memory leaks...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996: Avoid NULL pointer dereferencing in mt7996setmonitor The function mt7996setmonitor dereferences thePHY variable before performing the NULL sanity check. This issue could lead to NULL pointer dereferencing. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Fixed possible OOB access in mt7996tx. There is a possibility of Out-of-Boundary access in the mt7996tx routine if linkid is set to IEEE80211LINKUNSPECIFIED...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: reliance on mt76connac2mactxrateval In order to address a potential NULL pointer dereferencing in mt7996macwritetxwi, the mt76connac2mactxrateval utility routine has been exported and reused in the mt7996 driv...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996: fixed null pointer dereference in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case and apply them later...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: fixed a memory leak in mt7996mcuexit. The mcuskb queues in the mt7996mcuexit routine must always be purged, even if mt7996firmwarestate fails...
SUSE CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
A flaw was found in the Linux kernel's mt76 WiFi driver, specifically within the mt7996 component. This vulnerability, an out-of-bounds OOB access, occurs because the driver does not adequately check the length of incoming data frames before attempting to read or write to memory. A local attacker...
EUVD-2026-15278
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
UBUNTU-CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...