Out-of-Bounds Access in Linux Kernel's Configuring 802.11 WiFi Elements
CVE-2025-37973

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
20 May 2025

What is CVE-2025-37973?

A vulnerability has been identified within the Linux kernel affecting the cfg80211 module, specifically during the multi-link element defragmentation process. This flaw arises when calculating the total length of Information Elements (IEs), where improper handling can lead to out-of-bounds access. Such access could occur if a multi-link element or its corresponding fragment elements appear as the last elements in the IEs buffer, potentially allowing for malicious exploitation. The issue has been addressed by correcting the calculation of remaining IEs length, ensuring the new offsets are accurately derived.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 2481b5da9c6b2ee1fde55a1c29eb2ca377145a10 < 73dde269a1a43e6b1aa92eba13ad2df58bfdd38e

Linux 2481b5da9c6b2ee1fde55a1c29eb2ca377145a10 < 9423f6da825172b8dc60d4688ed3d147291c3be9

Linux 2481b5da9c6b2ee1fde55a1c29eb2ca377145a10

References

https://git.kernel.org/stable/c/73dde269a1a43e6b1aa92eba1...
https://git.kernel.org/stable/c/9423f6da825172b8dc60d4688...
https://git.kernel.org/stable/c/e1c6d0c6199bd5f4cfc7a66ae...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.