14 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Fixed possible OOB access in mt7996tx. There is a possibility of Out-of-Boundary access in the mt7996tx routine if linkid is set to IEEE80211LINKUNSPECIFIED...
SUSE CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
UBUNTU-CVE-2026-23325
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...
PT-2026-27690
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the mt76 mt7996 module where a missing check for frame length could lead to an out-of-bounds access within the mt7996 mac write txwi 80211 function...
Linux Distros Unpatched Vulnerability : CVE-2023-54191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7996: fix memory leak in mt7996mcuexit Always purge mcu skb queues in mt7996mcuexit routine even if mt7996firmwarestate fails. CVE-2023-54191 Note...
UBUNTU-CVE-2025-40066
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...
EUVD-2025-36462
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...
UBUNTU-CVE-2025-39919
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: add missing check for rx wcid entries Non-station wcid entries must not be passed to the rx functions. In case of the global wcid entry, it could even lead to corruption in the wcid array due to pointer being...
Linux Distros Unpatched Vulnerability : CVE-2025-38316
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996setmonitor The function...
SUSE CVE-2025-38343
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses vulnerabilities suc...
DEBIAN-CVE-2025-38156
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix null-ptr-deref in mt7996mmiowedinit devmioremap returns NULL on error. Currently, mt7996mmiowedinit does not check for this case, which results in a NULL pointer dereference. Prevent null pointer dereferen...
SUSE CVE-2024-47714
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: use hweight16 to get correct tx antenna The chainmask is u16 so using hweight8 cannot get correct txant. Without this patch, the txant of band 2 would be -1 and lead to the following issue: BUG: KASAN:...
AZL-51261 CVE-2024-47714 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: use hweight16 to get correct tx antenna The chainmask is u16 so using hweight8 cannot get correct txant. Without this patch, the txant of band 2 would be -1 and lead to the following issue: BUG: KASAN:...
CVE-2024-47714
CVE-2024-47714 affects the Linux kernel module for MT7996 WiFi (mt76). The vulnerability stems from using hweight8 on a 16-bit chainmask, causing incorrect tx_ant values (band 2); without the patch, tx_ant could become -1, triggering a KASAN stack-out-of-bounds condition in mt7996_mcu_add_sta. Th...