CVE-2025-21979
- Source
- https://cve.org/CVERecord?id=CVE-2025-21979
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21979.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21979
- Downstream
- Related
- Published
- 2025-04-01T15:47:08.699Z
- Modified
- 2026-03-20T12:41:16.109573Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- wifi: cfg80211: cancel wiphy_work before freeing wiphy
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: cancel wiphy_work before freeing wiphy
A wiphywork can be queued from the moment the wiphy is allocated and initialized (i.e. wiphynewnm). When a wiphywork is queued, the rdev::wiphy_work is getting queued.
If wiphyfree is called before the rdev::wiphywork had a chance to run, the wiphy memory will be freed, and then when it eventally gets to run it'll use invalid memory.
Fix this by canceling the work before freeing the wiphy.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21979.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/0272d4af7f92997541d8bbf4c51918b93ded6ee2
- https://git.kernel.org/stable/c/72d520476a2fab6f3489e8388ab524985d6c4b90
- https://git.kernel.org/stable/c/75d262ad3c36d52852d764588fcd887f0fcd9138
- https://git.kernel.org/stable/c/8930a3e1568cf534f86c8ed2def817c6d0528fc1
- https://git.kernel.org/stable/c/a5158d67bff06cb6fea31be39aeb319fd908ed8e
- https://git.kernel.org/stable/c/dea22de162058216a90f2706f0d0b36f0ff309fd
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21979.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-21979
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedddb1bfbf4ab5c753954d0cd728253b642934a9f2Fixed8930a3e1568cf534f86c8ed2def817c6d0528fc1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3fcc6d7d5f40dad56dee7bde787b7e23edd4b93cFixed0272d4af7f92997541d8bbf4c51918b93ded6ee2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda3ee4dc84c4e9d14cb34dad095fd678127aca5b6Fixed75d262ad3c36d52852d764588fcd887f0fcd9138Fixeda5158d67bff06cb6fea31be39aeb319fd908ed8eFixeddea22de162058216a90f2706f0d0b36f0ff309fdFixed72d520476a2fab6f3489e8388ab524985d6c4b90