CVE-2025-39864

Sept. 19, 2025, 4:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free() quirk introduced in commit 776b3580178f ("cfg80211: track hidden SSID networks properly"), adjust cfg80211_update_known_bss() to free the last beacon frame elements only if they're not shared via the corresponding 'hidden_beacon_bss' pointer.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/26e84445f02ce6b2fe5f3e0e28ff7add77f35e08
https://git.kernel.org/stable/c/5b7ae04969f822283a95c866967e42b4d75e0eef
https://git.kernel.org/stable/c/6854476d9e1aeaaf05ebc98d610061c2075db07d
https://git.kernel.org/stable/c/912c4b66bef713a20775cfbf3b5e9bd71525c716
https://git.kernel.org/stable/c/a8bb681e879ca3c9f722aa08d3d7ae41c42a8807
https://git.kernel.org/stable/c/a97a9791e455bb0cd5e7a38b5abcb05523d4e21c
https://git.kernel.org/stable/c/b7d08929178c16398278613df07ad65cf63cce9d
https://git.kernel.org/stable/c/ff040562c10a540b8d851f7f4145fa112977f853

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-09-19
CVE-2025-39864

Timeline

Published: Sept. 19, 2025, 4:15 p.m.
Last Modified: Sept. 19, 2025, 4:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.