CVE-2025-21909
- Source
- https://cve.org/CVERecord?id=CVE-2025-21909
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21909.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21909
- Downstream
- Related
- Published
- 2025-04-01T15:40:48.680Z
- Modified
- 2026-03-11T07:54:32.046318049Z
- Summary
- wifi: nl80211: reject cooked mode if it is set along with other flags
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: nl80211: reject cooked mode if it is set along with other flags
It is possible to set both MONITORFLAGCOOKFRAMES and MONITORFLAGACTIVE flags simultaneously on the same monitor interface from the userspace. This causes a sub-interface to be created with no IEEE80211SDATAINDRIVER bit set because the monitor interface is in the cooked state and it takes precedence over all other states. When the interface is then being deleted the kernel calls WARNONCE() from checksdataindriver() because of missing that bit.
Fix this by rejecting MONITORFLAGCOOK_FRAMES if it is set along with other flags.
Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21909.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/236f41ca728f23210b31ed2d1d8a6df575a4b2d6
- https://git.kernel.org/stable/c/351eb7ac53ff1cd94d893c0c4534ced2f36ae7d7
- https://git.kernel.org/stable/c/49f27f29446a5bfe633dd2cc0cfebd48a1a5e77f
- https://git.kernel.org/stable/c/521e55c2b0d6028861ac0a2d06aa57bb0e3ac486
- https://git.kernel.org/stable/c/5ea856d93794c4afa5542defd8c61f2708dc245a
- https://git.kernel.org/stable/c/ac4860141300581d3e2f6c6dafa37220f7ea9f65
- https://git.kernel.org/stable/c/cd1bdcb77fdc03c253137e55bae10551b3481461
- https://git.kernel.org/stable/c/ebebbb0eded2ed9a1abfa31962f6fb699e6abce7
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21909.json
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-21909
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced66f7ac50ed7cc5c19a62bc97e8f6e7891004a03aFixed5ea856d93794c4afa5542defd8c61f2708dc245aFixed351eb7ac53ff1cd94d893c0c4534ced2f36ae7d7Fixedcd1bdcb77fdc03c253137e55bae10551b3481461Fixed236f41ca728f23210b31ed2d1d8a6df575a4b2d6Fixedebebbb0eded2ed9a1abfa31962f6fb699e6abce7Fixed521e55c2b0d6028861ac0a2d06aa57bb0e3ac486Fixedac4860141300581d3e2f6c6dafa37220f7ea9f65Fixed49f27f29446a5bfe633dd2cc0cfebd48a1a5e77f