CVE-2025-39919

MEDIUM

Linux kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: add missing check for rx wcid entries Non-station wcid entries must not be passed to the rx functions. In case of the global wcid entry, it could even lead to corruption in the wcid array due to pointer being casted to struct mt7996_sta_link using container_of.

References (2)

[Patch] https://git.kernel.org/stable/c/4a522b01e368eec58d182ecc47d24f49a39e440d

[Patch] https://git.kernel.org/stable/c/69dcc19048fcdc3fb166fd25b805470ee8fc0eb1

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

Status published

Affected Products (6)

linux/linux_kernel < 6.16.6

linux/linux_kernel

linux/Kernel < 6.16.6linux

Timeline

Published Oct 01, 2025

Tracked Since Feb 18, 2026