Johannes Berg - Security Researcher - Exploit Intelligence Platform

CVE-2019-16746 NOMISEC CRITICAL WORKING POC

Linux kernel <5.2.17 - Buffer Overflow

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

CVSS 9.8

View Code

CVE-2020-36691 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.8 - Denial of Service via Unbounded Recursion in Netlink Policy

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.

CVSS 5.5

View Code

CVE-2021-38206 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.12.13 - Denial of Service via 802.11a Frame Injection in mac80211 Radiotap Parser

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.

CVSS 5.5

View Code