CVE-2025-39957

HIGH

Linux kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G Currently the S1G capability element is not taken into account for the scan_ies_len, which leads to a buffer length validation failure in ieee80211_prep_hw_scan() and subsequent WARN in __ieee80211_start_scan(). This prevents hw scanning from functioning. To fix ensure we accommodate for the S1G capability length.

References (4)

[Patch] https://git.kernel.org/stable/c/0dbad5f5549e54ac269cc04ce89f212892a98cab

[Patch] https://git.kernel.org/stable/c/32adb020b0c32939da1322dcc87fc0ae2bc935d1

[Patch] https://git.kernel.org/stable/c/7e2f3213e85eba00acb4cfe6d71647892d63c3a1

[Patch] https://git.kernel.org/stable/c/93e063f15e17acb8cd6ac90c8f0802c2624e1a74

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 1.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

Status published

Affected Products (8)

linux/linux_kernel < 6.6.108

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/Kernel < 6.6.108linux

linux/Kernel < 6.12.49linux

linux/Kernel < 6.16.9linux

Timeline

Published Oct 09, 2025

Tracked Since Feb 18, 2026