191 matches found
kernel: wifi: mac80211_hwsim: fix typo in frequency notification
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
kernel: wifi: mac80211_hwsim: fix typo in frequency notification
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
imageproc: Out-of-bounds read via NaN coordinates in bilinear/bicubic sampling
A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fixed a typographical error in the frequency notification. The NAN notification refers to a frequency of 5745 MHz, which corresponds to channel 149, not 5475—which is not a valid channel at all. This could le...
Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout
Apache Log4j's JsonTemplateLayout, in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. This may cause downstream log processing systems to reject or fail to ind...
Improper Encoding or Escaping of Output
Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output when JsonTemplateLayout logs a MapMessage. An attacker can cause downstream log processing systems to reject or fail to index affected records by supplying non-finite floating-point values such as...
SUSE CVE-2026-23040
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
CVE-2026-23040
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
UBUNTU-CVE-2026-23040
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
CVE-2026-23040
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
CVE-2026-23040
CVE-2026-23040 is a Linux kernel vulnerability involving the wifi mac80211_hwsim: a typo in the frequency notification. The NAN notification was listed as 5745 MHz (channel 149) instead of a valid channel like 5475, which could lead to a NULL pointer dereference in cfg80211_next_nan_dw_notif. The...
CVE-2026-23040 wifi: mac80211_hwsim: fix typo in frequency notification
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
CVE-2026-23040 wifi: mac80211_hwsim: fix typo in frequency notification
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
EUVD-2026-5507
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
CVE-2026-24856
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types during ICC profile X...
CVE-2026-24856
CVE-2026-24856 affects iccDEV up to version 2.3.1.2. The issue is an undefined behavior when converting floating-point NaN values to unsigned short integers during ICC profile XML parsing, which can corrupt memory structures and enable arbitrary code execution. The fix is in version 2.3.1.2. IBM/...
PT-2026-5226
Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with ICC color management profiles. A flaw exists in versions prior to 2.3.1.2 where undefined behavior occurs during the conversion of...
Azure Linux 3.0 Security Update: jq (CVE-2024-53427)
The version of jq installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53427 advisory. - decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric,...
Oracle Linux 9 : transfig (ELSA-2026-0700)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0700 advisory. 1:3.2.7b-11 - Detect nan in spline control values - CVE-2025-46397 Tenable has extracted the preceding description block directly from the Oracle Linux security...
CVE-2022-33253
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames...