In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: use safe list iteration in radar detect work
The call to ieee80211_dfs_cac_cancel can cause the iterated chanctx t
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix use-after-free
We've already freed the assoc_data at this point, so need
to use another copy of the AP (MLD) a
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: ocb: don't leave if not joined
If there's no OCB state, don't ask the driver/mac80211 to
leave, since that's just
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
In some versions of cfg80211, the ssids poinet might be a valid one e
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
In 'cfg80211_wext_siwscan()', add extra check whether number of
channels pa
In the Linux kernel, the following vulnerability has been resolved:
mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations
ieee80211_chan_bw_change() iterates all stations and accesses
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix use-after-free in chanctx code
In ieee80211_vif_use_reserved_context(), when we have an
old context and the ne
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: prohibit deactivating all links
In the internal API this calls this is a WARN_ON, but that
should remain since int
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: Fix UAF in ieee80211_scan_rx()
ieee80211_scan_rx() tries to access scan_req->flags after a
null check, but a UAF i
In the Linux kernel, the following vulnerability has been resolved:
clk: imx: scu: use _safe list iterator to avoid a use after free
This loop is freeing "clk" so it needs to use list_for_each_entry
In the Linux kernel, the following vulnerability has been resolved:
wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
Always free the zeroed page on return from 'mwifiex_histogram_read()'.
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
Avoid potential data corruption issues caused by uni
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request
Make sure that n_channels is set after allocating the
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw88: delete timer and free skb queue when unloading
Fix possible crash and memory leak on driver unload by deleting
TX pur
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix node corruption in ar->arvifs list
In current WLAN recovery code flow, ath12k_core_halt() only reinitializes
the
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration
link_id is taken from the ML Reconfiguration element (control
In the Linux kernel, the following vulnerability has been resolved:
wifi: nl80211: fix NULL-ptr deref in offchan check
If, e.g. in AP mode, the link was already created by userspace
but not activate
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: Set correct chandef when starting CAC
When starting CAC in a mode other than AP mode, it return a
"WARNING: CPU: 0
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7925: fix off by one in mt7925_load_clc()
This comparison should be >= instead of > to prevent an out of bounds
read
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: don't WARN for connections on invalid channels
It's not clear (to me) how exactly syzbot managed to hit this,
but
Page 1+ Next →