Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Do not send a 6E-related command when it is not supported. MCCALLOWEDAPTYPECMD is related to 6E support. Do not send this command if the device does not support 6E. Apparently, the firmware mistakenly indicat...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: fixed a memory leak in ath12kpciremove The issue was reported as follows: unreferenced object 0xffff1c165cec3060 size 32: comm "insmod", pid 560, jiffies 4296964570 age 235.596s backtrace:...

ALSA-2026:21557 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: j1939sessionnew: fix skb reference counting CVE-2024-56645 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: mm: thp: deny...

LSN-0117-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: e100: Fix possible use after free in e100xmitprepare In e100xmitprepare, if we can't map the skb, then return -ENOMEM, so e100xmitframe will return NETDEVTXBUSY and the upper layer will resend the skb. In the Linux kernel, the...

Fedora 42 : linux-firmware (2026-1d240112ff)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1d240112ff advisory. Update to 20260110: update firmware for MT7925 WiFi device mediatek MT7925: update bluetooth firmware to 20260106153314 mediatek MT7920: update bluetooth...

Fedora 43 : linux-firmware (2025-698dc1bbfa)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-698dc1bbfa advisory. Update to 20251125: Revert amdgpu: update GC 11.0.1 firmware QCA: Add Bluetooth firmware for WCN685x uart interface qcom: Add ADSP firmware for...

Fedora 43 : linux-firmware (2025-0ef7552461)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0ef7552461 advisory. Upstream linux-firmware 20251111 release: rtlbt: Update RTL8922A BT USB firmware to 0x41C0C905 add firmware for mt7987 internal 2.5G ethernet phy rtw88: 8822...

EUVD-2022-26921

Malicious code in bioql PyPI...

EUVD-2023-53650

Malicious code in bioql PyPI...

EUVD-2022-26909

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-0173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Validation of Consistency within input in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windo...

Linux Distros Unpatched Vulnerability : CVE-2021-0172

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow...

CVE-2025-38505

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect...

CVE-2025-38505

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect...

CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

CVE-2023-49722

Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 products, that allows an attacker to connect to the device via same WiFi network...

CVE-2022-21757

In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894...

CVE-2022-21745

In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for...

CVE-2024-47718 wifi: rtw88: always wait for both firmware loading attempts

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: always wait for both firmware loading attempts In 'rtwwaitfirmwarecompletion', always wait for both regular and wowlan firmware loading attempts. Otherwise if 'rtwusbintfinit' has failed in 'rtwusbprobe',...

CVE-2024-40941 wifi: iwlwifi: mvm: don't read past the mfuart notifcation

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove the print of the...