| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025030630-CVE-2025-21828-cb05@gregkh> Date: Thu, 6 Mar 2025 17:04:33 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2025-21828: wifi: mac80211: don't flush non-uploaded STAs Description =========== In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't flush non-uploaded STAs If STA state is pre-moved to AUTHORIZED (such as in IBSS scenarios) and insertion fails, the station is freed. In this case, the driver never knew about the station, so trying to flush it is unexpected and may crash. Check if the sta was uploaded to the driver before and fix this. The Linux kernel CVE team has assigned CVE-2025-21828 to this issue. Affected and fixed versions =========================== Issue introduced in 6.4 with commit d00800a289c9349bb659a698cbd7bc04521dc927 and fixed in 6.6.76 with commit cf21ef3d430847ba864bbc9b2774fffcc03ce321 Issue introduced in 6.4 with commit d00800a289c9349bb659a698cbd7bc04521dc927 and fixed in 6.12.13 with commit cd10b7fcb95a6a86c67adc54304c59a578ab16af Issue introduced in 6.4 with commit d00800a289c9349bb659a698cbd7bc04521dc927 and fixed in 6.13.2 with commit 9efb5531271fa7ebae993b2a33a705d9947c7ce6 Issue introduced in 6.4 with commit d00800a289c9349bb659a698cbd7bc04521dc927 and fixed in 6.14-rc1 with commit aa3ce3f8fafa0b8fb062f28024855ea8cb3f3450 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-21828 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: net/mac80211/driver-ops.h Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/cf21ef3d430847ba864bbc9b2774fffcc03ce321 https://git.kernel.org/stable/c/cd10b7fcb95a6a86c67adc54304c59a578ab16af https://git.kernel.org/stable/c/9efb5531271fa7ebae993b2a33a705d9947c7ce6 https://git.kernel.org/stable/c/aa3ce3f8fafa0b8fb062f28024855ea8cb3f3450
Powered by blists - more mailing lists