10 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986872)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986872 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211vifusereservedcontext, when we hav...
EUVD-2025-5246
Malicious code in bioql PyPI...
CVE-2024-57997
CVE-2024-57997 (Linux kernel) : The vulnerability lies in the wifi/wcn36xx driver memory allocation for wcn->chan_survey, caused by an incorrect size calculation that could leave uninitialized memory. The fix switches to memory allocation via kcalloc to ensure proper initialization when there ...
DEBIAN-CVE-2022-49416
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211vifusereservedcontext, when we have an old context and the new context's replacestate is set to IEEE80211CHANCTXREPLACENONE, we free the old context in...
DEBIAN-CVE-2024-49937
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: 0 PID: 63 at cfg80211chandefdfsusable+0x20/0xaf cfg80211" caused by the chandef.chan being null at t...
SUSE CVE-2022-47521
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTRCHANNELLIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi...
Design/Logic Flaw
An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...
CVE-2017-12094
An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...
Circle with Disney Command Injection Vulnerability (CNVD-2017-33187)
Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. A command injection vulnerability exists in the WiFi Channel parsing in Circle with Disney version 2.0.1. The vulnerability can be...
Circle with Disney Startup WiFi Channel Parsing Command Injection Vulnerability
Summary An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...