CVE-2025-68738

Linux Kernel 6.14-6.17.12, 6.18.0-6.18.1 - Null Pointer Dereference in mt7996_conf_tx()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx() If a link does not have an assigned channel yet, mt7996_vif_link returns NULL. We still need to store the updated queue settings in that case, and apply them later. Move the location of the queue params to within struct mt7996_vif_link.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/96841352aaba7723c20afb3a5356746810ef8198

Patch

https://git.kernel.org/stable/c/b8f34c1c5c4f5130c20e3253c95ba1d844d402b9

Patch

https://git.kernel.org/stable/c/79277f8ad15ec5f255ed0e1427c7a8a3e94e7f52

Scores

EPSS 0.0002

EPSS Percentile 5.9%

Details

Status published

Products (10)

linux/Kernel 6.14.0 - 6.17.13linux

linux/Kernel 6.18.0 - 6.18.2linux

Linux/Linux < 6.14

Linux/Linux 6.14

Linux/Linux 6.17.13 - 6.17.*

Linux/Linux 6.18.2 - 6.18.*

Linux/Linux 6.19

Linux/Linux c0df2f0caa8dde0d50f36649ee28a54c5079281b - 79277f8ad15ec5f255ed0e1427c7a8a3e94e7f52

Linux/Linux c0df2f0caa8dde0d50f36649ee28a54c5079281b - 96841352aaba7723c20afb3a5356746810ef8198

Linux/Linux c0df2f0caa8dde0d50f36649ee28a54c5079281b - b8f34c1c5c4f5130c20e3253c95ba1d844d402b9

Published Dec 24, 2025

Tracked Since Feb 18, 2026