CVE-2025-37973

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-37973
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37973.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37973
Downstream
Related
Published
2025-05-20T16:47:19.074Z
Modified
2026-03-20T12:42:36.229616Z
Summary
wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation

Currently during the multi-link element defragmentation process, the multi-link element length added to the total IEs length when calculating the length of remaining IEs after the multi-link element in cfg80211defragmle(). This could lead to out-of-bounds access if the multi-link element or its corresponding fragment elements are the last elements in the IEs buffer.

To address this issue, correctly calculate the remaining IEs length by deducting the multi-link element end offset from total IEs end offset.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37973.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2481b5da9c6b2ee1fde55a1c29eb2ca377145a10
Fixed
73dde269a1a43e6b1aa92eba13ad2df58bfdd38e
Fixed
9423f6da825172b8dc60d4688ed3d147291c3be9
Fixed
e1c6d0c6199bd5f4cfc7a66ae7032b6e805f904d
Fixed
023c1f2f0609218103cbcb48e0104b144d4a16dc

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37973.json"