Linuxfoundation Yocto
114 CVEs affecting Linuxfoundation Yocto. Latest disclosed: 2026-03-09. Critical: 2, High: 17.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-20148 | Critical | 9.8 | 2025-01-06 | In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no… |
CVE-2024-20080 | Critical | 9.8 | 2024-07-01 | In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no… |
CVE-2024-20040 | High | 8.8 | 2024-04-01 | In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additiona… |
CVE-2024-25626 | High | 8.8 | 2024-02-19 | Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto… |
CVE-2024-20104 | High | 8.4 | 2024-11-04 | In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution pri… |
CVE-2024-20053 | High | 8.4 | 2024-04-01 | In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privile… |
CVE-2024-20146 | High | 8.1 | 2025-01-06 | In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with… |
CVE-2025-20705 | High | 7.8 | 2025-09-01 | In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already… |
CVE-2025-61611 | High | 7.5 | 2026-03-09 | In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.. |
CVE-2024-20153 | High | 7.5 | 2025-01-06 | In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no addition… |
CVE-2024-20089 | High | 7.5 | 2024-09-02 | In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privil… |
CVE-2023-32820 | High | 7.5 | 2023-10-02 | In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional executi… |
CVE-2023-20693 | High | 7.5 | 2023-07-04 | In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privile… |
CVE-2023-20692 | High | 7.5 | 2023-07-04 | In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privile… |
CVE-2023-20691 | High | 7.5 | 2023-07-04 | In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privilege… |
CVE-2023-20690 | High | 7.5 | 2023-07-04 | In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privilege… |
CVE-2023-20689 | High | 7.5 | 2023-07-04 | In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privilege… |
CVE-2022-32666 | High | 7.5 | 2023-07-04 | In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional e… |
CVE-2022-32589 | High | 7.5 | 2022-10-07 | In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additiona… |
CVE-2025-20696 | Medium | 6.8 | 2025-08-04 | In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical acc… |