66 matches found
CVE-2019-17133
CVE-2019-17133 affects Linux kernel up to 5.3.2, where cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c fails to reject an oversized SSID IE, causing a Buffer Overflow. The available connected docs confirm the vulnerability and its impact but do not provide a specific patched version or reme...
CVE-2019-16746
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow...
Buffer overflow
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow...
CVE-2019-16746
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow...
CVE-2019-16746
CVE-2019-16746 : A buffer overflow in the Linux kernel (net/wireless/nl80211.c) can occur through improper bounds checking of variable-length elements in a beacon head, enabling potential arbitrary code execution or a system crash. The issue affects Linux kernels up to at least 5.2.17, with repor...
CVE-2018-21008
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsimac80211detach in the file drivers/net/wireless/rsi/rsi91xmac80211.c...
CVE-2019-15926
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6klwmipstreamtimeouteventrx and ath6klwmicaceventrx in the file drivers/net/wireless/ath/ath6kl/wmi.c...
CVE-2018-21008
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsimac80211detach in the file drivers/net/wireless/rsi/rsi91xmac80211.c...
CVE-2019-15504
drivers/net/wireless/rsi/rsi91xusb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic which may be remote via usbip or usbredir...
CVE-2019-15220
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver...
CVE-2019-15220
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver...
Memory corruption
Memory leak in the hwsimnewradionl function in drivers/net/wireless/mac80211hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service memory consumption by triggering an out-of-array error case...
CVE-2018-8087
Memory leak in the hwsimnewradionl function in drivers/net/wireless/mac80211hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service memory consumption by triggering an out-of-array error case...
Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3043)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3043 advisory. - fix autofs/afs/etc. magic mountpoint breakage Al Viro Orabug: 19028505 CVE-2014-0203 - SELinux: Fix kernel BUG on empty security contexts. Stephe...
CVE-2013-7027
The ieee80211radiotapiteratorinit function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service buffer over-read via a crafted header...
CVE-2013-7027
The CVE-2013-7027 entry concerns the Linux kernel vulnerability in the ieee80211_radiotap_iterator_init function (net/wireless/radiotap.c) prior to 3.11.7. The issue is that the code does not validate whether a frame contains data outside of the header, which may allow an attacker to trigger a de...
CVE-2009-3280
Integer signedness error in the findie function in net/wireless/scan.c in the cfg80211 subsystem in the Linux kernel before 2.6.31.1-rc1 allows remote attackers to cause a denial of service soft lockup via malformed packets...
Integer overflow
Integer signedness error in the findie function in net/wireless/scan.c in the cfg80211 subsystem in the Linux kernel before 2.6.31.1-rc1 allows remote attackers to cause a denial of service soft lockup via malformed packets...
CVE-2009-3280
The CVE-2009-3280 issue affects the Linux kernel CFG80211 code. Specifically, an Integer signedness error in the find_ie function inside net/wireless/scan.c can be triggered by malformed packets, leading to a denial of service (soft lockup). Affected version range is before 2.6.31.1-rc1. Multiple...
CVE-2009-2844
CVE-2009-2844 affects the Linux kernel’s cfg80211 code (net/wireless/scan.c) in 2.6.30-rc1 and earlier than 2.6.31-rc6. The vulnerability allows remote attackers to cause a denial of service (crash) by sending a crafted sequence of beacon frames: one frame omits the SSID Information Element, and ...