Null Pointer Dereference Vulnerability in Linux Kernel WiFi Driver by Vendor Linux
CVE-2025-40066

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
28 October 2025

What is CVE-2025-40066?

A vulnerability exists within the Linux kernel's WiFi driver, specifically in the mt76 module. This flaw occurs in the mt7996 component during the initialization of station links. If a NULL pointer is not correctly handled before executing the initialization routine, it could lead to a dereference error, potentially causing system instability. The vulnerability has been addressed by ensuring the phy pointer is validated prior to invoking the initialization function, significantly enhancing system reliability and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux dd82a9e02c054052b5899872c1f32805428f6131 < 2e671536c1c3c7bcad95d408a4ab42e2e54d1882

Linux dd82a9e02c054052b5899872c1f32805428f6131

Linux 6.15

References

https://git.kernel.org/stable/c/2e671536c1c3c7bcad95d408a...
https://git.kernel.org/stable/c/fe5fffadc6c77c56f122cf104...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.