CVE-2025-37796
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: at76c50x: fix use after free access in at76_disconnect
The memory pointed to by priv is freed at the end of at76_delete_device function (using ieee80211_free_hw). But the code then accesses the udev field of the freed object to put the USB device. This may also lead to a memory leak of the usb device. Fix this by using udev from interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < c731cdfddcf1be1590d5ba8c9b508f98e3a2b3d6 | affected |
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < 6e4ab3e574c2a335b40fa1f70d1c54fcb58ab33f | affected |
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < 3c619aec1f538333b56746d2f796aab1bca5c9a5 | affected |
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < 5e7df74745700f059dc117a620e566964a2e8f2c | affected |
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < 7ca513631fa6ad3011b8b9197cdde0f351103704 | affected |
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < a9682bfef2cf3802515a902e964d774e137be1b9 | affected |
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < 152721cbae42713ecfbca6847e0f102ee6b19546 | affected |
| Linux | Linux | 29e20aa6c6aff35c81d4da2e2cd516dadb569061 < 27c7e63b3cb1a20bb78ed4a36c561ea4579fd7da | affected |
| Linux | Linux | 3.17 | affected |
| Linux | Linux | 0 < 3.17 | unaffected |
| Linux | Linux | 5.4.293 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.237 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.181 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.135 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.88 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.25 <= 6.12.* | unaffected |
| Linux | Linux | 6.14.4 <= 6.14.* | unaffected |
| Linux | Linux | 6.15 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
References
- https://git.kernel.org/stable/c/c731cdfddcf1be1590d5ba8c9b508f98e3a2b3d6
- https://git.kernel.org/stable/c/6e4ab3e574c2a335b40fa1f70d1c54fcb58ab33f
- https://git.kernel.org/stable/c/3c619aec1f538333b56746d2f796aab1bca5c9a5
- https://git.kernel.org/stable/c/5e7df74745700f059dc117a620e566964a2e8f2c
- https://git.kernel.org/stable/c/7ca513631fa6ad3011b8b9197cdde0f351103704
- https://git.kernel.org/stable/c/a9682bfef2cf3802515a902e964d774e137be1b9
- https://git.kernel.org/stable/c/152721cbae42713ecfbca6847e0f102ee6b19546
- https://git.kernel.org/stable/c/27c7e63b3cb1a20bb78ed4a36c561ea4579fd7da
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.