CVE-2025-68182

Linux Kernel 6.15-6.17.7 - Use-After-Free in iwl_mld_remove_link

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix potential use after free in iwl_mld_remove_link() This code frees "link" by calling kfree_rcu(link, rcu_head) and then it dereferences "link" to get the "link->fw_id". Save the "link->fw_id" first to avoid a potential use after free.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/5b4a239c9f94e1606435f1842fc6fd426d607dbb

Patch

https://git.kernel.org/stable/c/77e67d5daaf155f7d0f99f4e797c4842169ec19e

Scores

EPSS 0.0003

EPSS Percentile 8.0%

Details

Status published

Products (7)

linux/Kernel 6.15.0 - 6.17.8linux

Linux/Linux < 6.15

Linux/Linux 6.15

Linux/Linux 6.17.8 - 6.17.*

Linux/Linux 6.18

Linux/Linux d1e879ec600f9b3bdd253167533959facfefb17b - 5b4a239c9f94e1606435f1842fc6fd426d607dbb

Linux/Linux d1e879ec600f9b3bdd253167533959facfefb17b - 77e67d5daaf155f7d0f99f4e797c4842169ec19e

Published Dec 16, 2025

Tracked Since Feb 18, 2026