CVE-2013-7027 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7027): The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header.
Fixed in 3.11.7.