28 matches found
FreeBSD 操作系统命令注入漏洞
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has a vulnerability related to command injection attacks. This vulnerability arises from the lack of protection when scanning Wi-Fi networks, as shell extensions may be used to manipulate network names. This allo...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Increase scanieslen for S1G. Currently, the S1G capability element is not taken into consideration when calculating scanieslen, which leads to a buffer length validation failure in the ieee80211prephwscan functio...
CVE-2025-40000 wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix use-after-free in rtw89coretxkickoffandwait There is a bug observed when rtw89coretxkickoffandwait tries to access already freed skbdata: BUG: KFENCE: use-after-free write in rtw89coretxkickoffandwait...
EUVD-2022-25608
Malicious code in bioql PyPI...
EUVD-2025-5218
Malicious code in bioql PyPI...
EUVD-2022-25609
Malicious code in bioql PyPI...
CVE-2022-49934
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211scanrx ieee80211scanrx tries to access scanreq-flags after a null check, but a UAF is observed when the scan is completed and ieee80211scancompleted executes, which then calls cfg80211scandone...
CVE-2025-38013
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set nchannels after allocating struct cfg80211scanrequest Make sure that nchannels is set after allocating the struct cfg80211registereddevice::intscanreq member. Seen with syzkaller: UBSAN:...
CVE-2025-21729 wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancelhwscan and hwscan completion The rtwdev-scanning flag isn't protected by mutex originally, so cancelhwscan can pass the condition, but suddenly hwscan completion unset the flag and calls...
CVE-2025-21729
The CVE-2025-21729 vulnerability affects the Linux kernel wifi driver rtw89 (rtwdev) with a race between cancel_hw_scan and hw_scan completion. Root cause: rtwdev->scanning was not mutex-protected, allowing cancel_hw_scan to observe/modify state while hw_scan completion could unset the flag an...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-53055)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53055 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan...
DEBIAN-CVE-2024-53055
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8,...
CVE-2023-21248
In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
CVE-2023-21248
In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
CVE-2023-21248
In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
Google Android OS 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a missing privilege check in getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, which can be exploited by an attacker to gain...
ASB-A-277333746
In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
CVE-2022-20349
In WifiScanningPreferenceController and BluetoothScanningPreferenceController, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20349
In WifiScanningPreferenceController and BluetoothScanningPreferenceController, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20349
In WifiScanningPreferenceController and BluetoothScanningPreferenceController, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...