16 matches found
CVE-2023-53767 wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kqmidrivereventwork Currently the buffer pointed by event is not freed in case ATH12KFLAGUNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event...
Linux Distros Unpatched Vulnerability : CVE-2025-38414
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix GCCGCCPCIEHOTRST definition for WCN7850 GCCGCCPCIEHOTRST is wrongly define...
CVE-2025-37744 wifi: ath12k: fix memory leak in ath12k_pci_remove()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kpciremove Kmemleak reported this error: unreferenced object 0xffff1c165cec3060 size 32: comm "insmod", pid 560, jiffies 4296964570 age 235.596s backtrace: kmemcacheallocnode+0x1f4/0x2c0...
CVE-2025-37744 wifi: ath12k: fix memory leak in ath12k_pci_remove()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kpciremove Kmemleak reported this error: unreferenced object 0xffff1c165cec3060 size 32: comm "insmod", pid 560, jiffies 4296964570 age 235.596s backtrace: kmemcacheallocnode+0x1f4/0x2c0...
CVE-2024-56543
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup. When core halts, dp cleanup is do...
CVE-2024-49930 wifi: ath11k: fix array out-of-bound access in SoC stats
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...
CVE-2024-47724
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b "wifi: ath11k: add P2P IE in beacon template" from Feb 28, 2024 linux-next, leads to the following Smatch static checker warning:...
CVE-2024-47724 wifi: ath11k: use work queue to process beacon tx event
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b "wifi: ath11k: add P2P IE in beacon template" from Feb 28, 2024 linux-next, leads to the following Smatch static checker warning:...
CVE-2024-47724
CVE-2024-47724 concerns the Linux kernel wifi driver ath11k beacon template handling. The issue arises when beacon TX status events trigger a sleep in an RCU read-side path, specifically via ath11k_wmi_cmd_send() called during BCN templating, which can sleep in atomic context. The root cause trac...
CVE-2024-47724 wifi: ath11k: use work queue to process beacon tx event
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b "wifi: ath11k: add P2P IE in beacon template" from Feb 28, 2024 linux-next, leads to the following Smatch static checker warning:...
CVE-2024-46827 wifi: ath12k: fix firmware crash due to invalid peer nss
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix firmware crash due to invalid peer nss Currently, if the access point receives an association request containing an Extended HE Capabilities Information Element with an invalid MCS-NSS, it triggers a firmware...
CVE-2024-43881
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: change DMA direction while mapping reinjected packets For fragmented packets, ath12k reassembles each fragment as a normal packet and then reinjects it into HW ring. In this case, the DMA direction should be...
CVE-2024-43847
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid memory access while processing fragmented packets The monitor ring and the reo reinject ring share the same ring mask index. When the driver receives an interrupt for the reo reinject ring, the monitor...
CVE-2024-38572 wifi: ath12k: fix out-of-bound access of qmi_invoke_handler()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmiinvokehandler Currently, there is no terminator entry for ath12kqmimsghandlers hence facing below KASAN warning, ================================================================== BUG:...
CVE-2024-38572
CVE-2024-38572 concerns the Linux kernel wifi driver ath12k. The issue is a missing terminator entry in ath12k_qmi_msg_handlers, which can trigger a global out-of-bounds read in qmi_invoke_handler via KASAN. A fix adds a dummy terminator entry to allow qmi_invoke_handler to traverse to the termin...
CVE-2024-35938 wifi: ath11k: decrease MHI channel buffer length to 8KB
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buflen field of ath11kmhiconfigqca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenari...