Linuxfoundation Yocto

114 CVEs affecting Linuxfoundation Yocto. Latest disclosed: 2026-03-09. Critical: 2, High: 17.

Top CVEs affecting Linuxfoundation Yocto
CVESeverityScorePublishedSummary
CVE-2024-20148Critical9.82025-01-06In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no…
CVE-2024-20080Critical9.82024-07-01In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no…
CVE-2024-20040High8.82024-04-01In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additiona…
CVE-2024-25626High8.82024-02-19Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto…
CVE-2024-20104High8.42024-11-04In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution pri…
CVE-2024-20053High8.42024-04-01In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privile…
CVE-2024-20146High8.12025-01-06In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with…
CVE-2025-20705High7.82025-09-01In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already…
CVE-2025-61611High7.52026-03-09In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed..
CVE-2024-20153High7.52025-01-06In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no addition…
CVE-2024-20089High7.52024-09-02In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privil…
CVE-2023-32820High7.52023-10-02In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional executi…
CVE-2023-20693High7.52023-07-04In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privile…
CVE-2023-20692High7.52023-07-04In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privile…
CVE-2023-20691High7.52023-07-04In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privilege…
CVE-2023-20690High7.52023-07-04In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privilege…
CVE-2023-20689High7.52023-07-04In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privilege…
CVE-2022-32666High7.52023-07-04In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional e…
CVE-2022-32589High7.52022-10-07In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additiona…
CVE-2025-20696Medium6.82025-08-04In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical acc…