55 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: wl1251 – Fixed a memory leak in wl1251txwork. The skb packet dequeued from txqueue is lost when the wl1251pselpwakeup function fails with an -ETIMEDOUT error. This issue was fixed by re-queuing the skb packet back into...
SUSE CVE-2026-43113
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...
CVE-2026-43113
A flaw was found in the wl1251 Wi-Fi driver within the Linux kernel. The wl1251txpacketcb function processes firmware completion IDs without proper validation, allowing an attacker to use a crafted ID to access memory outside of allocated bounds. This out-of-bounds access could lead to memory...
EUVD-2026-27635
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...
CVE-2026-43113
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...
CVE-2026-43113
In the Linux kernel, CVE-2026-43113 affects the wl1251 Wi‑Fi driver. The function wl1251_tx_packet_cb() uses the firmware completion ID (a raw u8) to index a fixed 16-entry wl->tx_frames[] array without validating that the ID fits. The callback can dereference out-of-range IDs. The fix rejects...
CVE-2026-43113
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...
CVE-2026-43113 wifi: wl1251: validate packet IDs before indexing tx_frames
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...
CVE-2026-43113
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...
PT-2026-37423
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description An out-of-bounds array access exists in the WiFi wl1251 driver. The wl1251 tx packet cb function uses a firmware completion ID, provided as a raw u8 from the completion block, to index t...
Linux Distros Unpatched Vulnerability : CVE-2026-43113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wl1251: Dynamic allocation of memory used for DMA. With the introduction of vmap-ed stacks, stack parameters can no longer be used for DMA, which can lead to kernel panic. This issue occurs in several locations related to wl1251...
ROS-20260203-73-0039
A vulnerability in the wl1251txwork function of the wl1251/tx.c component of the wifi module of the Linux kernel is related to improper memory freeing before deleting the last reference. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37982)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37982 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in...
EUVD-2022-54729
In the Linux kernel, the following vulnerability has been resolved: wl1251: dynamically allocate memory used for DMA With introduction of vmap'ed stacks, stack parameters can no longer be used for DMA and now leads to kernel panic. It happens at several places for the wl1251 e.g. when accessed...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986696)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986696 advisory. In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251cmdscan Function wl1251cmdscan calls memcpy without...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986445)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986445 advisory. In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251cmdscan Function wl1251cmdscan calls memcpy without...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986280)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986280 advisory. In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251cmdscan Function wl1251cmdscan calls memcpy without...
Linux Distros Unpatched Vulnerability : CVE-2022-49500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wl1251: dynamically allocate memory used for DMA With introduction of vmap'ed stacks, stack...
Linux Distros Unpatched Vulnerability : CVE-2025-37982
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: wl1251: fix memory leak in wl1251txwork The skb dequeued from txqueue is lost when wl1251pselpwakeup fails with a -ETIMEDOUT error. Fix that by queueing t...