CVE-2025-21730

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-21730

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21730.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-21730

Related

UBUNTU-CVE-2025-21730

Published

2025-02-27T02:15:16Z

Modified

2025-03-10T05:50:53.064752Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtw89: avoid to init mgnt_entry list twice when WoWLAN failed

If WoWLAN failed in resume flow, the rtw89opsaddinterface() triggered without removing the interface first. Then the mgntentry list init again, causing the listempty() check in rtw89chanctxopsassignvif() useless, and listadd_tail() again. Therefore, we have added a check to prevent double adding of the list.

rtw898852ce 0000:01:00.0: failed to check wow status disabled rtw898852ce 0000:01:00.0: wow: failed to check disable fw ready rtw898852ce 0000:01:00.0: wow: failed to swap to normal fw rtw898852ce 0000:01:00.0: failed to disable wow rtw898852ce 0000:01:00.0: failed to resume for wow -110 rtw898852ce 0000:01:00.0: MAC has already powered on i2chidacpi i2c-ILTK0001:00: PM: acpisubsysresume+0x0/0x60 returned 0 after 284705 usecs listadd corruption. prev->next should be next (ffff9d9719d82228), but was ffff9d9719f96030. (prev=ffff9d9719f96030). ------------[ cut here ]------------ kernel BUG at lib/listdebug.c:34! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 2 PID: 6918 Comm: kworker/u8:19 Tainted: G U O Hardware name: Google Anraggar/Anraggar, BIOS GoogleAnraggar.15217.514.0 03/25/2024 Workqueue: eventsunbound asyncrunentryfn RIP: 0010:listaddvalidorreport+0x9f/0xb0 Code: e8 56 89 ff ff 0f 0b 48 c7 c7 3e fc e0 96 48 89 c6 e8 45 89 ff ... RSP: 0018:ffffa51b42bbbaf0 EFLAGS: 00010246 RAX: 0000000000000075 RBX: ffff9d9719d82ab0 RCX: 13acb86e047a4400 RDX: 3fffffffffffffff RSI: 0000000000000000 RDI: 00000000ffffdfff RBP: ffffa51b42bbbb28 R08: ffffffff9768e250 R09: 0000000000001fff R10: ffffffff9765e250 R11: 0000000000005ffd R12: ffff9d9719f95c40 R13: ffff9d9719f95be8 R14: ffff9d97081bfd78 R15: ffff9d9719d82060 FS: 0000000000000000(0000) GS:ffff9d9a6fb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007e7d029a4060 CR3: 0000000345e38000 CR4: 0000000000750ee0 PKRU: 55555554 Call Trace: <TASK> ? _diebody+0x68/0xb0 ? die+0xaa/0xd0 ? dotrap+0x9f/0x170 ? _listaddvalidorreport+0x9f/0xb0 ? _listaddvalidorreport+0x9f/0xb0 ? handleinvalidop+0x69/0x90 ? _listaddvalidorreport+0x9f/0xb0 ? excinvalidop+0x3c/0x50 ? asmexcinvalidop+0x16/0x20 ? _listaddvalidorreport+0x9f/0xb0 rtw89chanctxopsassignvif+0x1f9/0x210 [rtw89core cbb375c44bf28564ce479002bff66617a25d9ac1] ? _mutexunlockslowpath+0xa0/0xf0 rtw89opsassignvifchanctx+0x4b/0x90 [rtw89core cbb375c44bf28564ce479002bff66617a25d9ac1] drvassignvifchanctx+0xa7/0x1f0 [mac80211 6efaad16237edaaea0868b132d4f93ecf918a8b6] ieee80211reconfig+0x9cb/0x17b0 [mac80211 6efaad16237edaaea0868b132d4f93ecf918a8b6] ? _pfxwiphyresume+0x10/0x10 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed] ? devprintkemit+0x51/0x70 ? _devinfo+0x6e/0x90 wiphyresume+0x89/0x180 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed] ? _pfxwiphyresume+0x10/0x10 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed] dpmruncallback+0x37/0x1e0 deviceresume+0x26d/0x4b0 ? _pfxdpmwatchdoghandler+0x10/0x10 asyncresume+0x1d/0x30 asyncrunentryfn+0x29/0xd0 workerthread+0x397/0x970 kthread+0xed/0x110 ? _pfxworkerthread+0x10/0x10 ? _pfxkthread+0x10/0x10 retfromfork+0x38/0x50 ? _pfxkthread+0x10/0x10 retfromforkasm+0x1b/0x30 </TASK>

References

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.13-1

Affected versions

6.*

6.1.27-1

6.1.37-1

6.1.38-1

6.1.38-2~bpo11+1

6.1.38-2

6.1.38-3

6.1.38-4~bpo11+1

6.1.38-4

6.1.52-1

6.1.55-1~bpo11+1

6.1.55-1

6.1.64-1

6.1.66-1

6.1.67-1

6.1.69-1~bpo11+1

6.1.69-1

6.1.76-1~bpo11+1

6.1.76-1

6.1.82-1

6.1.85-1

6.1.90-1~bpo11+1

6.1.90-1

6.1.94-1~bpo11+1

6.1.94-1

6.1.98-1

6.1.99-1

6.1.106-1

6.1.106-2

6.1.106-3

6.1.112-1

6.1.115-1

6.1.119-1

6.1.123-1

6.1.124-1

6.1.128-1

6.1.129-1

6.3.1-1~exp1

6.3.2-1~exp1

6.3.4-1~exp1

6.3.5-1~exp1

6.3.7-1~bpo12+1

6.3.7-1

6.3.11-1

6.4~rc6-1~exp1

6.4~rc7-1~exp1

6.4.1-1~exp1

6.4.4-1~bpo12+1

6.4.4-1

6.4.4-2

6.4.4-3~bpo12+1

6.4.4-3

6.4.11-1

6.4.13-1

6.5~rc4-1~exp1

6.5~rc6-1~exp1

6.5~rc7-1~exp1

6.5.1-1~exp1

6.5.3-1~bpo12+1

6.5.3-1

6.5.6-1

6.5.8-1

6.5.10-1~bpo12+1

6.5.10-1

6.5.13-1

6.6.3-1~exp1

6.6.4-1~exp1

6.6.7-1~exp1

6.6.8-1

6.6.9-1

6.6.11-1

6.6.13-1~bpo12+1

6.6.13-1

6.6.15-1

6.6.15-2

6.7-1~exp1

6.7.1-1~exp1

6.7.4-1~exp1

6.7.7-1

6.7.9-1

6.7.9-2

6.7.12-1~bpo12+1

6.7.12-1

6.8.9-1

6.8.11-1

6.8.12-1~bpo12+1

6.8.12-1

6.9.2-1~exp1

6.9.7-1~bpo12+1

6.9.7-1

6.9.8-1

6.9.9-1

6.9.10-1~bpo12+1

6.9.10-1

6.9.11-1

6.9.12-1

6.10-1~exp1

6.10.1-1~exp1

6.10.3-1

6.10.4-1

6.10.6-1~bpo12+1

6.10.6-1

6.10.7-1

6.10.9-1

6.10.11-1~bpo12+1

6.10.11-1

6.10.12-1

6.11~rc4-1~exp1

6.11~rc5-1~exp1

6.11-1~exp1

6.11.2-1

6.11.4-1

6.11.5-1~bpo12+1

6.11.5-1

6.11.6-1

6.11.7-1

6.11.9-1

6.11.10-1~bpo12+1

6.11.10-1

6.12~rc6-1~exp1

6.12.3-1

6.12.5-1

6.12.6-1

6.12.8-1

6.12.9-1~bpo12+1

6.12.9-1

6.12.9-1+alpha

6.12.10-1

6.12.11-1

6.12.11-1+alpha

6.12.11-1+alpha.1

6.12.12-1~bpo12+1

6.12.12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}