In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: fix use-after-free in cmp_bss()
Following bss_free() quirk introduced in commit 776b3580178f
("cfg80211: track hidden SSID networks properly"), adjust
cfg80211_update_known_bss() to free the last beacon frame
elements only if they're not shared via the corresponding
'hidden_beacon_bss' pointer.
wifi: cfg80211: fix use-after-free in cmp_bss()
Following bss_free() quirk introduced in commit 776b3580178f
("cfg80211: track hidden SSID networks properly"), adjust
cfg80211_update_known_bss() to free the last beacon frame
elements only if they're not shared via the corresponding
'hidden_beacon_bss' pointer.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 19 Sep 2025 15:30:00 +0000
MITRE
Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2025-09-19T15:26:33.787Z
Reserved: 2025-04-16T07:20:57.143Z
Link: CVE-2025-39864
Vulnrichment
No data.
NVD
Status : Received
Published: 2025-09-19T16:15:45.420
Modified: 2025-09-19T16:15:45.420
Link: CVE-2025-39864
Redhat
No data.
OpenCVE Enrichment
No data.