Lorenzo Bianconi

#10427of 53,779
26.6Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2025-8417
5.5
2025-02-26
Linux · Linux Kernel · CVE-2022-49484
**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A NULL pointer dereference issue has been identified in the mt7915 mac fill rx vector routine of the mt76 driver in the Linux kernel. This issue occurs when the chip does not support dbdc and the hardware reports the band idx set to 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-8628
7.8
2022-06-17
Linux · Linux Kernel · CVE-2022-49695
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.18.3-apu2 #9 **Description** A use-after-free issue has been identified in the igb clean tx ring routine when the NIC is running in XDP mode. This issue can be triggered by redirecting traffic into the igb NIC and then closing the device while the traffic is flowing. The problem arises from the `igb clean tx ring` function, which is called by `igb down`, ` igb close`, and `igb xdp`. **Recommendations** For Linux kernel version 5.18.3-apu2 #9 and earlier, consider updating to a newer version that includes the fix for the use-after-free issue in the `igb clean tx ring` routine. As a temporary workaround, consider disabling the XDP mode for the igb NIC to minimize the risk of exploitation.
PT-2024-11483
5.5
2021-11-18
Linux · Linux Kernel · CVE-2021-47540
**Name of the Vulnerable Software and Affected Versions** Linux kernel version 5.10.75 **Description** A NULL pointer dereference vulnerability has been resolved in the Linux kernel. The issue occurred in the mt7915 get phy mode routine when adding an IBSS interface to the mt7915 driver. This vulnerability could lead to a kernel crash or potentially allow an attacker to execute arbitrary code. **Recommendations** To resolve this issue, update the Linux kernel to a version that includes the fix for the NULL pointer dereference in the mt7915 get phy mode routine. As a temporary workaround, consider disabling the IBSS interface on the mt7915 driver until a patch is available.
PT-2024-11185
7.8
2021-04-23
Linux · Linux Kernel · CVE-2021-47135
**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a possible array out of bound access in the `mt7921 mcu tx rate report` function. This could potentially lead to security issues. The problem has been resolved by fixing the array out of bound issue and removing an unnecessary variable in the `mt7921 mcu tx rate report` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.