Memory Corruption Vulnerability in Linux Kernel Affecting Wi-Fi Drivers by Linux Foundation
CVE-2025-39919

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39919?

A memory corruption issue was identified in the Linux kernel's implementation of the mt76 Wi-Fi driver. The vulnerability arises from the absence of a necessary validation check for non-station Wireless Client ID (wcid) entries during reception handling. When these invalid entries, particularly a global wcid entry, are processed by the receiver functions, it risks corrupting the wcid array. This could result in significant stability issues and affect the performance of wireless connectivity. Users are urged to apply patches to safeguard their systems.

Affected Version(s)

Linux 7464b12b7d92b9641d4664735b9f3c3f0b6173d9 < 69dcc19048fcdc3fb166fd25b805470ee8fc0eb1

Linux 7464b12b7d92b9641d4664735b9f3c3f0b6173d9 < 4a522b01e368eec58d182ecc47d24f49a39e440d

Linux 6.15

References

https://git.kernel.org/stable/c/69dcc19048fcdc3fb166fd25b...

https://git.kernel.org/stable/c/4a522b01e368eec58d182ecc4...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON