Use-After-Free Vulnerability in Linux Kernel Affecting Broadcom Wi-Fi Driver
CVE-2025-39863
What is CVE-2025-39863?
A use-after-free vulnerability exists in the Linux kernel's Broadcom brcmfmac driver, specifically in the handling of the btcoex_info structure. It arises from a race between detaching the Wi-Fi coexistence (btcoex) timer and that timer being scheduled: if the btcoex_info structure is freed while a worker function is still executing or is still scheduled, the worker later accesses freed memory, causing instability or a denial of service. Mitigating the issue requires revising the timer shutdown procedure so that it synchronizes properly with the worker, preventing any use of the freed memory.
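The race described above, replayed in a small user-space C model (an added example, not kernel or brcmfmac code): a timer that schedules a worker, a worker that re-arms the timer, and a detach path that stops the timer and frees the owning structure while the worker is still running. The names sim_timer, btcoex_run_work and simulate_detach are hypothetical; the structure layout is not the driver's; the "shutdown" flag models the semantics of the kernel's timer_shutdown_sync(), which refuses any later re-arm, and is assumed here to be the kind of revised shutdown procedure the record refers to. Freeing is simulated by a flag so the program stays well defined while still counting every access that would have hit freed memory.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* container_of as used in the kernel: recover the owning struct from a
 * pointer to one of its members (user-space re-definition for this model). */
#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

/* Minimal model of a kernel timer. 'shutdown' models timer_shutdown_sync():
 * once set, any attempt to re-arm the timer is refused. */
struct sim_timer {
    bool pending;
    bool shutdown;
    void (*fn)(struct sim_timer *t);
};

/* Hypothetical btcoex_info: a timer that schedules a work item, and a work
 * item that re-arms the timer (layout chosen for the model, not the driver's). */
struct btcoex_info {
    struct sim_timer timer;
    bool work_pending;
    bool freed;          /* simulation flag standing in for kfree() */
    int uaf_accesses;    /* how many times a callback ran on "freed" memory */
};

static bool sim_timer_arm(struct sim_timer *t)
{
    if (t->shutdown)
        return false;    /* re-arm after shutdown is a no-op */
    t->pending = true;
    return true;
}

/* Plain delete: clears the pending run but leaves the timer re-armable. */
static void sim_timer_delete(struct sim_timer *t)
{
    t->pending = false;
}

/* Shutdown: clears the pending run and forbids any future arming. */
static void sim_timer_shutdown(struct sim_timer *t)
{
    t->pending = false;
    t->shutdown = true;
}

/* Fires a pending timer once, as the timer softirq would. */
static void sim_timer_fire(struct sim_timer *t)
{
    if (!t->pending)
        return;
    t->pending = false;
    t->fn(t);
}

/* Timer callback: touches the owning struct and schedules the worker. */
static void btcoex_timer_fn(struct sim_timer *t)
{
    struct btcoex_info *info = container_of(t, struct btcoex_info, timer);

    if (info->freed)
        info->uaf_accesses++;   /* in real code this is the use-after-free */
    info->work_pending = true;  /* schedule_work() */
}

/* Worker: does its bookkeeping and re-arms the timer for the next poll. */
static void btcoex_run_work(struct btcoex_info *info)
{
    if (!info->work_pending)
        return;
    info->work_pending = false;
    if (info->freed)
        info->uaf_accesses++;
    sim_timer_arm(&info->timer);   /* mod_timer() */
}

/* Replays one interleaving: the worker is still running when detach stops
 * the timer, the worker re-arms it, and the timer then fires after the free.
 * Returns the number of accesses to the freed structure. */
int simulate_detach(bool use_shutdown)
{
    struct btcoex_info info = { .timer = { .fn = btcoex_timer_fn } };

    sim_timer_arm(&info.timer);
    sim_timer_fire(&info.timer);       /* timer runs, worker now scheduled */

    /* detach step 1: stop the timer */
    if (use_shutdown)
        sim_timer_shutdown(&info.timer);
    else
        sim_timer_delete(&info.timer);

    /* the already-scheduled worker runs concurrently and re-arms the timer */
    btcoex_run_work(&info);

    /* detach step 2: worker has finished; step 3: free the structure */
    info.freed = true;

    /* later, whatever is still pending fires on the freed structure */
    sim_timer_fire(&info.timer);
    btcoex_run_work(&info);
    return info.uaf_accesses;
}

int main(void)
{
    printf("plain delete: %d freed accesses\n", simulate_detach(false));
    printf("shutdown:     %d freed accesses\n", simulate_detach(true));
    return 0;
}
```

With a plain delete the worker's re-arm succeeds, the timer fires on the freed structure and schedules the worker again, so the model counts two accesses after the free; with shutdown the re-arm is refused and nothing runs after the free. The same reasoning is the check to apply when reviewing any detach path: every callback that can re-arm a timer or requeue work must be unable to do so before the owning memory is released.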
Affected Version(s)
Linux 61730d4dfffc2cc9d3a49fad87633008105c18ba
Linux 61730d4dfffc2cc9d3a49fad87633008105c18ba < 3e789f8475f6c857c88de5c5bf4b24b11a477dd7
Linux 61730d4dfffc2cc9d3a49fad87633008105c18ba < 2f6fbc8e04ca1d1d5c560be694199f847229c625