1490 matches found
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
UBUNTU-CVE-2026-46307
In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
CVE-2026-36355
The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK all known versions through v3.4.14B does not perform any access control checks on the writemem ioctl 0x89F5 and readmem ioctl 0x89F6 debug handlers, which are compiled into production builds via the unconditionally defined...
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
CVE-2026-46271
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...
CVE-2026-46248
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...
CVE-2026-46271
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...
CVE-2026-46271
CVE-2026-46271 concerns the Linux kernel ath12k Wi‑Fi driver. When a multi‑link connection is active, WoW offloads were enabled on both the primary and secondary links, potentially crashing firmware on WCN7850 devices (denial of service). The fix changes WoW offloads to run only on the primary li...
CVE-2026-46248
CVE-2026-46248 pertains to the Linux kernel ath12k Wi‑Fi driver. When an arvif (Access Point Virtual Interface) is initialized in non-AP STA mode and MLO connection setup fails before arvif->is_created becomes true, the error path can leave a stale ahvif->links_map entry and, on reusing the...
wifi: b43: enforce bounds check on firmware key index in b43_rx()
...
wifi: mac80211: drop stray 'static' from fast-RX rx_result
...
SUSE CVE-2026-46187
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: fix kthread lifetime race between self-exit and external-stop RSI driver use both self-exitkthreadcompleteandexit and external-stop kthreadstop when killing a kthread. Generally, kthreadstop is called first, and in thi...
Linux Distros Unpatched Vulnerability : CVE-2026-46187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rsi: fix kthread lifetime race between self-exit and external-stop RSI driver use both self- exitkthreadcompleteandexit and external-stop kthreadstop when...
Linux Distros Unpatched Vulnerability : CVE-2026-46122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: b43: enforce bounds check on firmware key index in b43rx The firmware-controlled key index in b43rx can exceed the dev-key array size 58 entries. The...
CVE-2026-46187
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: fix kthread lifetime race between self-exit and external-stop RSI driver use both self-exitkthreadcompleteandexit and external-stop kthreadstop when killing a kthread. Generally, kthreadstop is called first, and in thi...
CVE-2026-46163
In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacyrx can exceed dev-maxnrkeys. The existing B43legacyWARNON is non-enforcing in production builds...